WannaCry Ransomware


(Warren White M.S. Cybersecurity) #1

As I am sure you may have heard about this WannaCry ransomware over the news lately, it was sweeping Europe very quickly. It was reported to have spread to over 150 countries. A payment of $300 is demanded by this ransomware in order to unencrypt your files. It is estimated to have affected over 300,000 computers and the infection rate has started to decline. It has hit all types of targets; targets including personal computers, whole organizations, networks, and more.

The exploits from the attack were used mirroring exploits stolen from the National Security Agency (NSA). the NSA claims that it was not originally built for ransomware purposes. It brings up the question of what else they have up their sleeves. Though Microsoft came out with a patch to fix the vulnerability, not enough people were able to apply it to their system in time. This exploit was reported stolen in April 2016.

In China, 40,000 businesses and institutions were hit with this attack. There are many cases where users are unable to patch this issue because they were using a pirated version of Microsoft. PetroChina, one of the largest oil companies in China, were unable to process electronic payments at their gas stations over the weekend. A prestigious college campus was hit and students were unable to access their final papers.

There were several large manufacturers in Japan that also fell under the WannaCry ransomware attack. Hitachi reported 7 of their systems being locked and encrypted leaving email and other secondary functions inaccessible. Hospital computers in Easter Japan were infected to an unknown degree.

In India, the Andhra Pradesh police department had over 100 systems infected as well as power utilities reporting issues.

In Europe, the health care system was attacked leading to an emergency meeting to discuss the ransomware. Renault and Nissan reported getting infected by the attack.

In England, there was a security expert that found a way to fix the issue. Though the fix came by accident it was seen as effective. He purposely sent out to fight against it initially, however. A domain was used as a “kill switch” to the attack.

Here is a link to the article that I found on it. Pretty interesting and frightening stuff. Be on the lookout everybody!

http://www.npr.org/sections/thetwo-way/2017/05/15/528451534/wannacry-ransomware-what-we-know-monday