The WannaCry Ransomware on May 14, 2017
The WannaCry ransomware grabbed a lot of attention in May 2017 when it attacked about 2,00,000 computers across 150 countries. The WannaCry ransomware did a lot of damage, all of which ranged from hundreds of millions to billions of dollars. Though the source of emanation of the WannaCry cyberattack is still unknown, many believe that North Korea was behind the ransomware. This ransomware could have been even more costly had it been given some more time to flourish, but thanks to a patch developed by Microsoft, the kill switch to stop the spread was devised in four days.
Running Computers Windows to Demand the ‘Ransom’
Ransomware is a software which will block your access to your computer and only be unlocked after a certain sum is paid. In the case of the WannaCry ransomware, it was directed to the computers running Windows Operating System and would demand the ‘ransom’, about $300-$600 in Bitcoin cryptocurrency. The initial attack of the ransomware was on 12 May, 017 and within a day, it is believed to have transferred to about a couple hundred thousand computers, with India, Ukraine, Russia and Taiwan being the most affected countries. It is evident whoever developed this malicious software did it for the money, the experts still can’t say for sure who did it anyway.
Many big organizations across the world confirmed their computers being victim to the WannaCry ransomware. From the Honda Company to the Telkom network in South Africa, it’s safe to say this virus was the cause of major chaos in the time being. It also affected the computers of Fed Ex and Renault. Even the machines of a lot of government organizations throughout the world.
Vulnerability of Server Message
The Windows implementation of the Server Message block protocol was the vulnerability which let the WannaCry into a computer. The SMB port is for allowing the nodes on a computer network communicate, and the SMB packets were packed into executing an attribute code. The US National Security Agency is said to have discovered this vulnerability, and it was them who developed the code, the EternalBlue to exploit it. But, this code was later stolen by a hacking group called Shadow Brokers. Later on, this let the WannaCry use the EternalBlue itself to get into the Microsoft Computers and later on, Microsoft released the patch which could stop the outbreak. The patch that is used to cover the vulnerability was already released a month before the start of the outbreak, but many systems remain unpatched. So it didn’t take a lot for both, the virus to spread and for Microsoft to stop it.
Well, even though this is the story, there still are many unpatched computers out there, and we can’t say that the WannaCry cyberattack has come to an end. Even after the story of the virus leaving the big picture, recently, Boeing claimed to have fallen a victim of the WannaCry ransomware in March 2018. The damage was not considered high but still did create some problems. In your case, to be safe, make sure that you have the latest windows update installed, and that’s all.