WannaCry – and why it never went away

The infamous ransomware worm WannaCry is already more than two-and-a-half years old.

WannaCry spreads using a security hole that was patched two months before the worm first appeared, so you’d be forgiven for assuming that it would have fizzled out by now and become little more than a museum curiosity.

But a paper published recently by Sophos experts tells a very different story, with more than 5,000,000 infection attempts logged in a three-month period last year – and that’s just the ones that were detected and blocked by a Sophos product and reported by Sophos telemetry.

Given that WannaCry doesn’t even bother trying to infect a computer if can can see in advance that it’s patched, each one of those infection attempts was aimed at a still-unpatched device.

In other words, the world is awash with computers that haven’t been patched for well over two years.

We went live to look at the lessons we should have learned, but haven’t:

(Watch directly on YouTube if the video won’t play here.)