Global WannaCry Ransomware Cyberattacks: What We Know so Far

Fagjun | Published 2017-05-15 04:46

On May 12, the WannaCry ransomware began to hit multiple targets around the world. It crippled computer systems in dozens of countries and organizations, affecting operations and causing panic.

As of today, the malware has attacked computers in over 150 countries. According to Rob Wainwright, chief of Europol, the malware attacks have had 200,000 victims worldwide.

The criminals behind the attacks took advantage of a security flaw in the Microsoft Windows XP operating system. Because Windows XP is an older version of Windows, Microsoft has stopped providing support for it. However, Microsoft has been releasing security patches since March, but users haven't been using them. The patches didn't seem to be able to stop the attacks from spreading, though.

While the criminals behind the attacks remain unknown, security agencies around the world are working to identify the attackers. It's likely that a criminal syndicate is behind all this. Their motives are also unclear, aside from the demand for money.

Out of the loop? Here's A Guide to the Recent Ransomware Cyberattacks.

Second Wave of WannaCry Ransomware

How secure is your computer?

Experts now say that as the work week begins, the ransomware attacks may ramp up even more. When people return to their offices and turn on their computers, there will be more chances for the malware to spread. The malware also seems to target organizations rather than individuals.

After security measures addressed the malware last Friday, the criminals released a second, stronger version of the malware.

An anonymous 22-year-old researcher from Britain found the malware's “kill switch”. He claims that he found a concealed web address in the WannaCry ransomware code. He then registered the domain name, a move that redirected the attacks to the Kryptos Logic server. Kryptos Logic is a security company where the anonymous researcher works. The server was thus able to contain the malware and collect information about it.

However, while this was an ingenious move that slowed the attacks, many computer scientists are anticipating a third wave. There could also be a number of copycat attacks in the future.

Ransomware infects a computer and encrypts its files. The attackers will then demand ransom from the victim in exchange for regaining access to the files. The WannaCry ransomware attackers asked for 300 dollars' worth of the cryptocurrency Bitcoin. Victims need to pay up within three days, or the attackers will double the price. If the victim still hasn't paid after seven days, the attackers will delete the files.

Securing and Protecting

A digital ransom note
[Photo by SecureList / AO Kaspersky]

Authorities ask the public to refuse to pay should they fall victim to the malware, since doing so will only encourage the attackers. There is also no guarantee that the attackers will keep their end of the bargain and release hostage files after receiving payment.

The best way to deal with the threat of an attack from the WannaCry ransomware is to protect your computer and files. It's best to back up your files, install security fixes, and run antivirus programs. Also, do not click on links or open attachments in suspicious emails. In this case, the best defense is indeed the best offense.

Microsoft is now calling for a “Digital Geneva Convention” to discuss the role of governments in cybersecurity. While the world is understandably still reeling from the WannaCry ransomware attacks, time is of the essence. Governments around the world need to figure out how to best deal with these kinds of attacks before the third WannaCry wave begins or copycats start popping up.

Hey! Where are you going?? Subscribe!

Get weekly science updates in your inbox!