It’s been over a year since the malicious ‘WannaCry’ virus devastated businesses around the world, but new data shows thousands of local systems are still affected, and experts are warning of a cyber attack of a similar scale before the year is through.
Viruses such as WannaCry and NotPetya were some of the world’s most widespread and destructive cyber attacks last year, popping up literally overnight in 2017 and swiftly shutting down major systems across the globe. This included international airports, the UK’s National Health Service, and multinational business giants such as Maersk, with the cyber attack almost bringing the entire multibillion-dollar company to its knees.
Both WannaCry and NotPetya operated through similar means, with the two viruses taking advantage of exploits developed by the United States National Security Agency to infiltrate systems via a vulnerability in older, un-patched versions of Microsoft’s Windows operating systems.
At the time, the resounding advice for businesses and individuals everywhere was to update their systems, as the virus could only infect a system that had not installed a patch from Microsoft that fixed the exploit.
However, new data from cyber security company MalwareBytes shows the devastating WannaCry virus is still hitting thousands of systems in Australia and millions across the world, despite the virus being more than a year old.
In Australia in 2018, Malwarebytes has detected 3,388 cases of WannaCry running on systems, to date. When taking into account the broader Asia Pacific region, that number balloons to over 1.5 million.
Worldwide, there are still 3 million computers infected with WannaCry in 2018, according to Malwarebytes.
Furthermore, according to Malwarebytes’ Cybercrime Tactics reports for the first half of 2018, the number of backdoor malware attacks in Australia jumped by over 1,800% between the first two quarters this year, with more than 140,000 cases detected. Backdoor malware is a form of malware attack that enters the system undetected, or via a ‘back door’.
Another attack like WannaCry on the horizon
While it’s been fairly quiet on the cyberattack front throughout 2018, businesses should be gearing up for more widespread and devastating cyber attacks, warns Malwarebytes founder Marcin Kleczynski.
Speaking to SmartCompany, the cyber security software wunderkind says he’s observed cyber attacks on the scale of WannaCry coming in threes, with last year seeing WannaCry, NotPetya, and BadRabbit hitting systems all within relatively quick succession.
“It seems like they come in threes, and we’re still detecting WannaCry on a ton of computers every single day,” says Kleczynski.
“I think this year has been quiet, which is good and bad. It makes me wonder what cyber criminals are up to, and after the holidays it will be interesting to see what gets out there.”
While the concept of cyber criminals taking a sunny vacation might be an odd one, Kleczynski says, believe it or not, cyber attacks do have a certain seasonality to them.
“In terms of malware trends, when we go on holidays, the criminals do too,” he says.
With this in mind, the founder says he’d be “shocked and surprised” if the world made it through the rest of the year without an attack on the scale of WannaCry occurring.
“We’re just as vulnerable as we were last year. Security is being more discussed at a board level, but not much action is being taken, and all the while technology is advancing faster than our ability to secure it,” he says.
One such example of this is the rise of ‘cryptomining’ attacks, which infect systems with small applications that execute code to mine cryptocurrency in the background while the computer is running, making money for the attacker and causing strife for the victim.
These infections are beginning to target more than just computer systems, with Android phones also falling victim to similar attacks. According to Malwarebytes, in Australia alone this year there have been more than 460,000 detected cases of cryptomining software on systems and more than 63 million worldwide.
SMEs more vulnerable than anyone
Speaking to SmartCompany, regional director for Malwarebytes in Australia Jim Cook says there’s now more acceptance from business owners about the inevitability of their systems being attacked, saying SMEs have long been the perfect target for cyber criminals.
“It’s been a growing market for some time now, mainly because Australia is built on SMEs, and a lot of small businesses provide services to larger companies and therefore are a soft target to gain access to those companies,” Cook says.
One such example Cook has seen in recent years is a large air conditioning business getting infected due to an internet-enabled fish tank thermometer installed by a small business contractor.
“But it can have a greater effect on small businesses, it can completely destroy them. They’re more vulnerable than anybody, where big businesses can sometimes just fix it and get on with the job,” he says.