WannaCry: Not dead yet

Our statistics show that WannaCry, far from fading away, was responsible for 30% of ransomware attacks in Q3 2018.

A year and a half ago, the world was discombobulated by the WannaCry ransomware epidemic. As a result, cybersecurity firms everywhere spilled a lot of virtual ink on articles about how to minimize risks and secure infrastructure. Lately, it seemed that WannaCry had been consigned to history. But no.

Our experts were busy producing the latest IT threat evolution report when they came across an interesting statistic. It turns out that in Q3 2018 the “museum piece” WannaCry attacked 74,621 users. Put another way, that is almost a third (28.72%) of all ransomware attacks. So, reports of its death are greatly exaggerated.

Our statistics come from computers protected by our technologies, so no real damage occurred; our products have instantly repelled WannaCry from the start. However, the number of attempts to infect computers with this Trojan in 2018 suggests that someone out there is still actively using WannaCry. This would hardly be the case if there was nothing in it for cybercriminals — fools they are not. It means that they are still able to infect computers.

Infections continue even though theoretically, even in the event of a successful infection, WannaCry cannot spread over networks as it could in 2017, because users have installed the necessary updates (released for even the Stone Age Windows XP).

Another interesting stat our experts picked up is that although the number of new ransomware families is down this year, the number of attacks is on the rise. Whereas in Q2 we observed 158,921 attacked users, in Q3 that figure climbed to 259,867, and the number continues to grow month by month.

Therefore, we decided to repeat our customary set of tips to help protect your business from the ravages of ransomware.


  • Regularly update the operating systems on all computers on your network to the latest version. This will quickly patch fresh vulnerabilities.
  • Use security solutions with dedicated antiransomware technologies. Our solutions, for example, feature a subsystem that, even if faced with a completely new threat, will protect data by rolling back any changes made by malware.
  • Make regular backups of important information. It is a good idea to keep several copies in different places: for example, one on an isolated physical drive, another in the cloud.
  • Continuously raise employee awareness about modern cyberthreats.
  • If using security solutions from other vendors, consider beefing up your protection with our free Kaspersky Anti-Ransomware Tool, which is compatible with most third-party security products.
  • Tips