Your browser is obsolete!

The page may not load correctly.

Anti-virus fallacies

Антивирусная неправда

Other issues in this category (36)
  • add to favourites
    Add to Bookmarks

WannaCry: How myths are destroyed

Read: 835 Comments: 7 Rating: 10

Employees of anti-virus company PR and marketing departments will long remember the week following the WannaCry attack (which started on May 12, a Friday). People asked lots of questions. In particular, some asked why Russia suffered the most from the attack.


Russia was the most affected country. Many computers in Ukraine, Japan, India and other countries were also infected.

It's hard to argue with statistics, and experts have come up with all sorts of explanations as to why so many machines in Russia were infected.

The first reason has to do with the level of software piracy. Everyone knows that software piracy is a common phenomenon in Russia. And people who use software illegally are very reluctant to install updates because they are afraid that their computers will be blocked.

The second reason is the low salaries of system administrators. Their employers just can't afford to pay them more. This, too, is understandable: many companies can't afford to hire competent system administrators.

The third reason is the inadequate organization of business processes, specifically with regards to outdated software being used on corporate computers and no updates being installed.

In Europe patches of this kind are applied within a month. In Russia it takes us an average of two to get that done.

Here, I think we can stop listing the problems we have in Russia and start exposing the truth.

While going about its work, WannaCry sends queries to a certain URL. The security expert known as MalwareTech registered the corresponding domain, and as a result Kryptos Logic, which controls the domain now, was able to analyse queries coming from the ransomware.

Kryptos Logic gathered statistics about the requests sent to the kill switch domain during the last two weeks—the security researchers registered around 14-16 million queries. It was stated previously that 50%-75% of Wannacry-infected machines resided in Russia, but the information gathered indicates that the highest number of infections occurred in China (6.2 million requests). It is followed by the USA (1.1 million), Russia (1 million), India (540,000), Taiwan (375,000), Mexico (300,000), Ukraine (238,000), the Philippines (231,000), Hong Kong (192,000), and Brazil (191,000d).


How did the enlightened USA outperform Russia? Because of a lower level of software piracy? The professionalism of system administrators? Or the quality of business procedures? We are waiting to hear what the experts have to say.

#Windows #malware #ransom #extortion #myth #damage #encryption_ransomware

Dr.Web recommends


Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.


Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.