7 Things You Need to Know About the WannaCry Ransomware
The WannaCry ransomware has taken the world by storm since Friday when it first started to wreak havoc on organizations including FedEx, Telefonica, and many others
Ransomware is nothing new, but WannaCry has had an unprecedented impact. Here's what you need to know.
The WannaCry ransomware has a wide reach, hitting more than 200,000 PCs in at least 150 countries.
Among the ransomware victims include Britain’s National Health Service; the WannaCry ransomware attack hit more than 50 hospitals, forcing the cancelation of surgeries, routine appointments, and scans.
Few payments have been made in response to WannaCry, according to Europol, who said that the amounts being demanded are “relatively small…$300 rising to $600 if you don’t pay within three days.”
But according to Bloomberg, “Researchers who tracked the bitcoin addresses hardwired into the malware found that tens of thousands of dollars had been paid before the spread of the virus was halted by a cybersecurity expert who accidentally found a flaw in WannaCry.”
The techniques used in the ransomware attack were stolen from the National Security Agency. According to Bloomberg, “Its main element was developed by the NSA, not the hackers—a vulnerability codenamed Eternalblue, which allowed the agency to commandeer old, pre-Windows 10 versions of the Microsoft operating system.”
Europol said the ransomware attack was “criminally minded”; others have suggested that it may have originated in Russia.
The largest number of attacks occurred in Russia and the Ukraine. As security expert Ian Trump told Penton Technology's T.C. Doyle: “Let’s be clear, the Russians have an absolute history of using their own people with a cavalier consideration to their own health and welfare,” he says. “So testing your own national infrastructure in this kind of heinous attack, to me, totally goes to the Russian mentality. They want to be ready for when the NSA launches something on them.”
The ransomware attack has reignited a debate around whether governments should be “hoarding vulnerabilities for their own use instead of flagging them to companies like Microsoft in the interest of public safety.”
In a blog post, Microsoft’s chief legal officer Brad Smith said, "This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017," he wrote. "We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage."
Some believe this attack could hurt Microsoft’s OS market share — and possibly make room for a Chinese alternative, which Bloomberg columnist Tim Culpan said should make Chinese president Xi Jinping happy.
"Things have changed since China last attempted to build an OS. Its military and security agencies now employ thousands of people for the purpose of finding, penetrating and exploiting foreign computer systems, and their efficacy is testimony to the nation’s advancement in software engineering. Meanwhile, its multilateral trade and assistance policies help build infrastructure in developing countries that paint China as a friendly, helpful ally."
Some believe this attack could hurt Microsoft’s OS market share — and possibly make room for a Chinese alternative, which Bloomberg columnist Tim Culpan said should make Chinese president Xi Jinping happy.
"Things have changed since China last attempted to build an OS. Its military and security agencies now employ thousands of people for the purpose of finding, penetrating and exploiting foreign computer systems, and their efficacy is testimony to the nation’s advancement in software engineering. Meanwhile, its multilateral trade and assistance policies help build infrastructure in developing countries that paint China as a friendly, helpful ally."
The WannaCry ransomware has taken the world by storm since Friday when it first started to wreak havoc on organizations including FedEx, Telefonica, and many others, until a cybersecurity researcher from the U.K. – known only as MalwareTech – found and inadvertently activated a kill switch in the software, effectively stopping the spread of the virus.
Here are 7 things you need to know about WannaCry. Click through the slideshow for more.
About the Author(s)
You May Also Like