As companies around the world have patched their Microsoft (MSFT) Windows operating systems, the next round of WannaCry ransomware could strike organizations that have not uploaded security fixes.
While WannaCry rampaged through more than 100 countries over the weekend, security researchers identified a "kill switch" within the ransomware that slowed the expansion. New versions of the malware are already emerging that could revitalize the cybercrime wave, however.
Wedbush analyst Steve Koenig noted in a Monday report that hackers are already reworking ransomware without the kill switch. "Until hundreds of thousands of unpatched Windows systems have been updated, a WannaCry 2.0 campaign could effectively pick up where Friday's attack left off," he wrote.
The WannaCry ransomware has its roots in an April posting by a group called the Shadow Brokers, which released information about a weakness in Windows that the NSA allegedly discovered.
Microsoft had already released fixes to the vulnerability in March, but has provided further updates and reminders to users.
Organizations around the world had not updated their machines by the time hackers unleashed WannaCry on Friday, however. U.K.'s National Health Service, FedEx (FDX) , Nissan and more than 30,000 organizations in China have been hit by the ransomeware. Heimdel Security reports that there are more than 200,000 victims in 150 countries.