WannaCry cyberattacks persist more than a year after global outbreak: Report

November 13, 2018 GMT

WannaCry, a crippling computer virus blamed on North Korea, continues to spread widely in the wake of abruptly claiming victims in 150 countries last year, security researchers warned Monday.

Kaspersky Lab, a Russia-based cybersecurity firm, indicated in a quarterly threat report that WannaCry remains a major threat 18 months after its initial outbreak infected computers used by Boeing, FexEd, Honda and the U.K. National Health Service, among others.

WannaCry was used in attacks mounted against 74,621 unique Kaspersky users between July and September 2018, according to the report, accounting for 28.72 percent of all customers targeted during the quarter with “cryptors,” or malware designed to encrypt files stored on infected machines, up from 16.78 percent during the third quarter of 2017.


“It is concerning to see that WannaCry attacks have grown by almost two-thirds compared to the third quarter of last year,” said David Emm, principal security researcher at Kaspersky Lab. “This is yet another reminder that epidemics don’t cease as rapidly as they begin - the consequences of these attacks are unavoidably long-lasting.”

Unleashed in mid-May 2017, WannaCry wreaked worldwide havoc within a matter of hours by worming its way through computers running vulnerable versions of Microsoft Windows, encrypting their contents and holding the data hostage in exchange for a purported ransom payment.

The U.S. has blamed North Korea for WannaCry, and the Justice Department filed charges in September against Park Jin Hyok, a suspected state-sponsored hacker accused of being involved in its creation.

North Korea has previously denied responsibility for the virus.

Powered by exploits previously hoarded by the U.S. National Security Agency and leaked online weeks earlier, WannaCry infected upwards of 200,000 computer across 150 countries before being disrupted within days by the activation of a “kill switch” discovered by a British security researcher.

The U.K. National Health Service, or NHS, said last month that it incurred over $120 million in costs as a result of becoming infected during the WannaCry outbreak.