Guest networks are open invitation for WannaCry and similar attacks

You might be sick of hearing about this summer’s blockbuster ransomware hit WannaCry and all of its horrible sequels, but hackers aren’t getting tired of locking up your system and files. And if you thought you’re safe because you aren’t running Windows OS, you’re wrong.

Since the WannaCry attack, information security pros have been scouring for any vulnerabilities in other systems that could be exploited. Those efforts have been paying off. For example, researchers at Shodan, an IoT and network search engine, have found an exploit that affects millions of Linux-based devices.

WannaCry was an exploit that took advantage of Server Message Block (SMB) access, an exposed port that allowed the malware to get onto the system and encrypt its files. As it turns out, while the virus was developed specifically for Windows OS, there’s a Linux version that’s out there as well called SambaCry.

Exploit affects multiple systems

One of the most alarming statistics Shodan discovered was 42% of Linux device administrators were enabling SMB guest access, which is practically inviting in SambraCry.

The malware works by taking advantage of an exploit found in Samba, a common Linux software. So common, in fact, that 90% of devices that allowed guest SMB were also running Samba.

There is some good news: Less than half of those devices haven’t installed Window’s patch that protects systems from WannaCry and SambaCry. This means the majority have taken proactive steps to defend their users’ data and prevent their data from being encrypted.

Microsoft has done its part and plans to stop supporting SMBv1 for all new Windows installations in the fall, since this is how WannaCry spreads from computer to computer. But even if Microsoft stops support for a system, that doesn’t necessarily mean people will upgrade to one that is receiving regular updates. Otherwise, we wouldn’t be seeing people still using XP.

If you’re in that boat, at least make sure to shore up your defenses and double-check you aren’t allowing guests on your network to have access to areas where they could potentially cause damage.