Why Russia's cyber defenses are so weak

'WannaCry' cyberattack halted

Russia's reputation as a cyber-savvy nation that churns out computing experts has been undermined by this weekend's WannaCry ransomware attack.

The country had the largest number of computers infected in the massive cyberattack that has swept across the globe since Friday, according to security firm Kaspersky Lab. Avast, an antivirus company, said more than half of the 200,000 attacks it tracked targeted Russian users.

Experts said that Russia is particularly vulnerable to this kind of attack because of its aging computing infrastructure and lax approach to cybersecurity. There is also a huge amount of pirated software in circulation.

"[The attack] shows that a country supposedly at the forefront of cybersecurity and cyberwarfare has still proved vulnerable to code hidden inside email attachments that are used every day," said Greg Sim, the CEO of Glasswall Solutions, a security software company.

Russia's central bank acknowledged attacks on its computers, but said no data had been compromised. The state railway company and major telecoms firm Megafon were also hit. The Russian interior ministry said it was working to destroy ransomware on a small number of its computers.

President Vladimir Putin described the threat as serious on Monday, but said that it had caused "no significant damage" to the country's institutions.

The ransomware, also called WannaCrypt, locks down files on an infected computer and asks its administrator to pay in order to regain control of them. The ransomware takes advantage of a vulnerability leaked last month as part of a trove of NSA spy tools.

Inadequate defenses

Microsoft (MSFT) released a security patch that addresses the vulnerability in March, but Avast said more than 20% of Russian users have not updated their operating systems.

Sim said one big reason that Russia is vulnerable to attack is its "complacent reliance" on simplistic anti-virus defenses. Instead, companies and users should be upgrading to modern defenses with the ability to scan incoming email for potential threats.

"Anti-virus technology no longer works against threats that international hackers constantly redesign," he said.

The country's love of pirated software also played a big role in its vulnerability.

Pirated software

Nearly 65% of software in Russia is pirated, compared to 17% in the U.S. and 29% in the European Union, according to statistics compiled by industry group The Software Alliance.

Bogdan Botezatu, an analyst at cybersecurity firm Bitdefender, said that most users of pirated software avoid updating their operating systems. That helps users evade tests performed by software producers including Microsoft to establish authenticity, but it leaves them vulnerable to cyberattack.

The Software Alliance said piracy levels have risen in Russia in recent years, a trend fueled by a fall in the value of the ruble. The currency's decline has made imported software more expensive and boosted demand for cheap illegal alternatives.

Russia first

Meanwhile, Russia has been trying to become less reliant on foreign software. Putin has been pushing for more home-grown options since 2014, when Moscow was slapped with Western sanctions over its involvement in the conflict in Ukraine.

The government issued a decree last year requiring state and municipal bodies to prioritize the use of software developed in Russia.

-- Samuel Burke contributed reporting.
