Security firms have suggested that the majority of the machines hit by the WannaCry ransomware worm earlier this month were running Windows 7. More than 97% of the infections seen by Kaspersky Lab and 66% of those seen by BitSight used the older software. WannaCry has so far infected more than 200,000 computers around the world.
Many have suggested that the reason UK hospitals suffered was because many of them still relied on programmes that required Windows XP – a version of Microsoft’s OS that came out in 2001. However, figures from Kaspersky Lab showed that infections of XP by WannaCry were insignificant. Windows 7 was released in 2009 and the most widely infected version was the x64 edition, which is widely used in large organisations.
Many organisations seem to have been caught out because they failed to apply a patch, issued by Microsoft in March that blocked vulnerability which WannaCry exploited.
Security experts also found that the worm spread largely by seeking out vulnerable machines on the net by itself. Adam McNeil, a senior malware analyst at Malwarebytes, said the worm was primed to look for machines vulnerable to a bug in a Microsoft technology known as the Server Message Block . Mr McNeil said he suspected that whoever was behind the worm first identified a ‘few thousand’ vulnerable machines which were used as the launch platform for the much larger waves of infection.
www.bbc.co.uk (22nd May 2017)