Why did the WannaCry ransomware attack affect so many people?

The WannaCry ransomware attack is still ongoing. There have, however, been some interesting developments in the story since we wrote about it last week.

Despite the widespread vulnerability to attack being blamed on computers running Windows XP – which Microsoft ceased providing updates for in 2015 – it turns out that machines running Windows 7 accounted for the majority of infections. Data from the cybersecurity firm Kaspersky found that 98% of machines infected with the WannaCry ransomware were running Windows 7, with Windows XP accounting for an insignificant number. This isn’t too surprising, since Windows 7 is the most popular Windows operating system in the world, running on 46% of Windows computers globally. Windows XP accounts for just over 5%.

So why, when Windows 7 is still receiving security updates from Microsoft, is the operating system being infected with the WannaCry ransomware? The answer is simple – people hadn’t installed the latest updates when the attack occurred. Fully updated systems were protected from the vulnerability before the attack, but many users had failed to keep their machines fully updated. Windows 7 updates itself unless instructed not to, which many people do out of habit. But those who delay these crucial updates risk infection by viruses or malware.

There has also been a tool developed to help users hit by the attack, which can potentially rid your machine of the virus. The WannaKey software allows users to get rid of the malicious encryptor and access their files again, and can be downloaded here