We will now explain why the protection of files against Wannacry is still so poor and how you can protect yourself. To start with, experts say that millions of devices are still vulnerable to perfidious attacks and antivirus does not help.
Wannacry Cryptolocker — no end in sight
May 2017 is probably still remembered by IT experts and security researchers worldwide. It was the birth month of Wannacry — nasty ransomware that crippled systems across the globe faster than most could say “IT security.” From Deutsche Bahn to the British health service to Renault’s corporate headquarters in France, the number of victims was about as big as their names. Today, two years later, one would think that the extortion malware should no longer pose a threat. The opposite is the case. According to experts, millions of devices are still vulnerable and could become infected at virtually any time. Why is that the case? Because several million private customers and entrepreneurs are still using outdated operating systems.
Entry gates for Wannacry are still wide open
Not only Wannacry, but also successors such as Petya exploit small vulnerabilities and security holes in older operating systems to gain access to devices and servers. According to security researcher Nate Warfield, at least 1.7 million devices or users are currently vulnerable to such download attacks. And the number of unreported cases is probably many times higher. The use of outdated systems is particularly dangerous when the corresponding devices are connected to the Internet. And this is probably also the case for the very last Windows XP user.
Inadequate security architectures in many companies
According to Eicar, the fact that the Cryptolocker is no longer active is, of course, immensely reassuring. Unfortunately, however, it does not change the fact that IT security on countless devices around the world is in a very poor state and needs a tester. And where Wannacry comes in, there is just as likely to be a related one that is not asleep, but active. The problem surrounding the inadequate protection of many IT systems is complex. On the one hand, of course, every private user and every entrepreneur is obliged to take appropriate measures or to initiate them. Hiring a professional service provider to check the status quo of IT security and then optimize it is often the fastest and best solution.
So much for what everyone can do themselves. But there are also problems in other areas. About 40 percent of all warnings of cyber attacks cannot be followed up. Simply because there is a lack of personnel for tests. And the fact that attacks are becoming increasingly complex and opaque definitely doesn’t make it any better.