As the dust has begun to settle around the WannaCry ransomware attack, we're starting to piece together more information about how the attack was carried out and how it worked, which should help us learn important lessons about cyber security and about how to prevent, and react to, such attacks in the future.
One of the earliest controversies immediately following the attack concerned the impact that Microsoft's policies on supporting older versions of Windows had on the spread and success of the infections. As it turns out, despite earlier criticism, their effect may have been negligible.
A new report by the popular cyber security and anti-virus firm Kaspersky Lab has revealed that the overwhelming majority of the affected systems were running Windows 7, a version of Windows that Microsoft still supports and for which a fix had been released months before the attack hit. Windows XP, which fell out of support in April 2014 and which only received an emergency patch from Microsoft after the fact, had an insignificant number of infections.
#WannaCry infection distribution by the Windows version. Worst hit - Windows 7 x64. The Windows XP count is insignificant. pic.twitter.com/5GhORWPQij — Costin Raiu (@craiu) May 19, 2017
Windows 7 accounted for 98% of the affected computers, while Windows XP and 2008 R2 Server had infection rates of around 0.1% and 1.5%, respectively.
This should serve as another reminder for all users to routinely download and install security updates via Windows Update as and when they're pushed by Microsoft. For those who were unable to do so and were affected, there is still a light at the end of the tunnel as researchers have found a way to reverse the impact of the ransomware, though it does not, unfortunately, work for all users.