Connect with us

Hi, what are you looking for?


Malware & Threats

One in Ten U.S. Organizations Hit by WannaCry: Study

A recent survey discovered that the vast majority of organizations in the United States weren’t prepared for the WannaCry ransomware attack, but just one in ten ended up being infected by the malware.

A recent survey discovered that the vast majority of organizations in the United States weren’t prepared for the WannaCry ransomware attack, but just one in ten ended up being infected by the malware.

WannaCry stormed the world in mid-May by leveraging a previously patched exploit called EternalBlue, which hacker group Shadow Brokers allegedly stole from the NSA-linked Equation Group. The ransomware mostly infected Windows 7 computers that hadn’t been patched in due time, and also revealed the destructive impact of a global outbreak. NotPetya confirmed the risk in late June.

According to a survey (PDF) from software lifecycle automation solutions provider 1E, 86% of the organizations in the U.S. had to “divert significant resources” to safeguard themselves during the WannaCry attack. Only 14% of the respondents revealed their organization was prepared for such an attack.

The study also shows that 86% of organizations don’t apply patches immediately after they are released, thus leaving endpoints and entire networks exposed to such attacks. While 14% of respondents said they apply patches immediately, 36% apply them within one week after release, and 27% need up to a month for that, while 23% don’t apply patches within a month after release.

It’s no surprise that 70% of the 400+ U.S. IT professionals responding to the survey said they had to work over at least one weekend as a result of the WannaCry attack, while one in ten admitted to having worked three or more weekends.

The fact that most organizations aren’t prepared for attacks that exploit already patched vulnerabilities is also reflected in the percentage of respondents who said they already migrated to Windows 10: 11%. While 53% said they are currently migrating to Microsoft’s latest platform iteration, 28% said they are planning on doing so this year or the next, while 8% said they had no such plan.

Following the WannaCry incident, awareness appears to have increased regarding the benefits of applying the necessary patches in due time. 71% of respondents said their intent to stay updated has improved (the percentage rises to 87% when infected organizations are concerned), while 74% said “the experience of reacting to WannaCry has left them better prepared for future threats.”

However, 87% of organizations aren’t taking steps to accelerate their migration to Windows 10, despite the looming risks. Furthermore, 73% of respondents said management didn’t make more resources available to IT to help it apply patches faster and/or accelerate its OS migration.

Advertisement. Scroll to continue reading.

“There is growing a concern that we have entered an era in which this kind of attack becomes the new normal. It’s more important than ever that organizations stay current and ensure that software is kept up-to-date and fully patched at all times. WannaCry was a huge wakeup call that elevated security concerns to boardroom level — IT teams can’t afford to leave their organizations exposed,” Sumir Karayi, founder and CEO of 1E, said.

Related: Why WannaCry Really Makes Me Want to Cry

Related: Can We Ever be Prepared for the Next WannaCry?

Related: The Impact of WannaCry on the Ransomware Conversation

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.


The recent ransomware attack targeting Rackspace was conducted by a cybercrime group named Play using a new exploitation method, the cloud company revealed this...

Malware & Threats

Threat actors are increasingly abusing Microsoft OneNote documents to deliver malware in both targeted and spray-and-pray campaigns.