Survey: Security Incidents like WannaCry Happen Multiple Times a Year
Nearly half of cybersecurity professionals in a recent survey said that there have been other security incidents like the recent WannaCry attack that they worked on just as frantically without the public ever hearing about it.
The noteworthy—and somewhat alarming—findings of this survey come from Farsight Security, Inc., a provider of historical and real-time passive DNS (domain name system), which conducted the study at Infosecurity Europe 2017 in London earlier this month. The responses came from 360 information security professionals.
Of the 49 percent of respondents who answered yes when asked whether there had been security incidents like WannaCry at their organizations, nearly three quarters (72 percent) said that this type of event, requiring them to work frantically to protect networks from attack, had happened three times in the last year alone.
“WannaCry made the headlines and got the general public listening, however, cybersecurity professionals actually work on incidents like this all throughout the year,” Paul Vixie, Ph.D., CEO and co-founder of Farsight Security, said in a statement.
And, of the 49 percent of respondents who reported other WannaCry-like incidents that were shielded from public view, 20 percent said that these major security events have happened up to six times over the last year alone. “It is easy to forget how common these attacks are and how hard these security professionals are working to keep our national infrastructure and our data secure,” according to Farsight officials.
The WannaCry ransomware attack began on May 12, 2017, and within a day was reported to have infected more than 230,000 computers in over 150 countries. The phenomenon virtually shut down several dozen regional health authorities within the National Health Service of the United Kingdom, in addition to impacting the operations of other diverse entities. As Farsight officials noted, “The WannaCry ransomware exploits a vulnerability in Microsoft Windows, for which a patch was released. However, many corporations do not automatically patch their systems due to issues that a Windows update can cause to their legacy software programs. So, despite the patch being released, not updating left hundreds of thousands of devices open to attack, and held to ransom.”