In 2017, approximately 300,000 computers worldwide were infected by the WannaCry ransomware, a crypto ransomware worm that affects Windows PCs. This malware spread primarily through corporate network PCs, encrypting critical files and demanding a ransom be paid for decryption. Due to a lack of preparation for such attacks, victims typically did not receive their files in return, regardless of whether the ransom was paid. This attack created serious and dangerous disturbances for a variety of companies, online communications, hospitals, and banks across the world.
This WannaCry worm proved advantageous not only because of its ability to jump from network to network, but also because the nature of worm malware does not require computer users to click a link or interact with an infected file for the malware to activate. The WannaCry worm was able to exploit a weakness in Microsoft’s server message block to spread across the network.
In total, up to 300,000 computers in 150 countries were infected, affecting various companies, hospitals, and banks. In one case, Britain’s National Health Service saw its forty hospitals simultaneously attacked and compromised, causing “canceled surgeries, medical appointments, and lab results on hold.”
Eventually, the rapid spread of the WannaCry Ransomware was effectively stopped by British researcher Marcus Hutchins. Research revealed that in order for the malware to activate, the code required an attempt and failure to open an unregistered faulty web address. Hutchins simply registered the URL, stopping the worm before it could activate.
Despite the initial widespread catastrophe coming to a close, effects from this malware are still felt today. There were even appearances of new variants of the worm that operated without the kill-switch URL during the COVID-19 pandemic. While the WannaCry ransomware will likely never pose as widespread of a threat as it did in 2017, the vulnerabilities which allowed the attack to occur show us the importance of proper cybersecurity measures, especially as reliance on technological resources increases over time.
The global reach of the WannaCry Ransomware attacks and the general unpreparedness to such attacks across a wide range of industries demonstrated the need for a prioritization of cybersecurity due diligence. It’s crucial to stay educated and keep up to date with cybersecurity measures that prevent you from becoming a target. For more information, check out some of our previous blog posts:
Sources:
- https://www.mimecast.com/blog/all-you-need-to-know-about-wannacry-ransomware/
- https://www.jstor.org/stable/pdf/27021830.pdf?ab_segments=0%252Fbasic_search_gsv2%252Fcontrol&refreqid=excelsior%3A437b6ea94971dab158c3331dff5ce5c5
- https://www.jstor.org/stable/pdf/26441292.pdf?ab_segments=0%252Fbasic_search_gsv2%252Fcontrol&refreqid=excelsior%3A9651af8ce67d99721ce1a0cc43f0997b