Researchers are struggling to try to find early traces of WannaCry, which remains an active threat in hardest-hit China and Russian Federation, believing that identifying "patient zero" could help catch its criminal authors.
"Some organisations just aren't aware of the risks; some don't want to risk interrupting important business processes; sometimes they are short-staffed", said Ziv Mador, vice president of security research at Israel's SpiderLabs Trustwave.
To make things worse, Microsoft, which used to provide custom security software support to its clients for $200 for each system in 2014, doubled the cost to $400 in 2015, thereby discouraging the companies from upgrading their systems.
However, the Financial Times report points out that Windows XP users are still expected to pay extra if they want security and it now stands at $1,000 per device. However, the patch was only released to the newer version, Windows 10, while users of older versions, like Windows XP, were left pay large fees for so-called "custom" support. Despite the lack of cover, plenty of Microsoft's customers are still running older software that may still be vulnerable. Shadow Brokers, the group that is believed to behind the theft of the NSA hacking tools, has already threatened to put out more of these tools in the public. Infection levels spiked again in both countries this week and remained high through Thursday, according to data supplied to Reuters by threat intelligence firm Kryptos Logic.
However, a bug in WannaCry code means the attackers can not use unique bitcoin addresses to track payments, security researchers at Symantec found this week.
Now, art least some of the affected users may be getting some help.
The researchers said the tools are not ideal and only work if the infected computers have not been rebooted after being hit by the programme. Security experts agree that the best protection is to be on a modern, up-to-date system that incorporates the latest defense-in-depth innovations.
WannaCry landed nine weeks after Microsoft's patch arrived.
A loose-knit team of security researchers scattered across the globe said they had collaborated to develop a workaround to unlock the encryption key for files hit in the global attack, which several independent security researchers have confirmed. "What we have seen now is only the tip of the iceberg", the officer cautioned.