Guest Post: The Whos and Whats of WannaCry

Perry Holdsworth, our Sales & Marketing intern at Fornetix, gives us a primer on the recent WannaCry ransomware attack that has wreaked havoc on global networks.

What is it?

On May 12, 2017, malware known as WannaCry viciously attacked large organizations and networks around the world, invading computers and holding hostage the data they contain. The ransomware strategically infected computers by using a previously unseen vulnerability recently exposed in NSA document leaks.

What’s the process?

Ransomware like WannaCry starts by encrypting files on a person’s computer and then asking for payment to decrypt the files and release the information. In the case of WannaCry, $300 worth of bitcoin must be paid before three days or the amount will double. Worse, if no payment is received after seven days, the ransomware will delete all files with no hope for recovery.

Who was targeted?

WannaCry targeted Windows PCs in over 150 countries across the world and infected more than 200,000 systems. The most notable victim in this attack was Britain’s National Health Service, forcing hospitals to alter their plans and transport emergency patients to different hospitals.

What’s next and what have we learned?

Even though the WannaCry attack has passed, it’s still not safe to say we are in the clear from ransomware. In fact, many cybersecurity firms are recommending users find strategies to help repel or defend themselves against attacks in the future. Some of those strategies include having a talented IT team, a great defensive program against threats, and superior network infrastructure.

One major lesson learned from this event is that ransomware attacks are easy to start. Many people can start them — even your employees. Consequently, firms must train and educate their people to help prevent these attacks from happening again in the future.

Another lesson from this event is to always stay up to date on patches. WannaCry was able to infect Windows computers because they were not installing patches. This allowed WannaCry to infiltrate companies’ networks with minimal effort. Always make sure you are up to date on patches so no ransomware software can infect any of your networks or computers.

WannaCry is just the beginning of ransomware. Inevitably, something more powerful will take its place and we must take the right steps in order to ensure we are fully prepared when the time comes.