The WannaCry Ransomware Attack

Posted on June 05, 2017

The WannaCry cyberattack began spreading across the internet on the 12th of May 2017, first in Britain and Spain, and then around the world before it was shutdown on the 15th of May. It reached over 230,000 computers in 48 hours, which is an unprecedented scale of infection according to Europol, Europe’s international police agency. WannaCry rendered useless some of the computers that help run Britain’s National Health Service (NHS), machines at Telefónica, Spain’s biggest telecommunications company; at Hainan, a Chinese airline; and even in Russia’s interior ministry.

Malicious software (“malware”, for short) is designed to infect and damage computers. It is usually written for profit, which seems to have been the case for WannaCry, the modus operandi of which is to encrypt a victim’s files and demand payment to reverse that encryption—a common technique, known as ransomware. What makes the WannaCry attack special is its scale and the high-profile nature of its victims.

WannaCry is a combination of two kinds of malware. One, known as a worm, is designed to spread from computer to computer. The other, delivered by the worm, is the encrypting ransomware itself. It is this combination that has made WannaCry so threatening. Ransomware is usually delivered one user at a time, via spoof e-mails which tempt the recipient to click on a link or attachment that then downloads and activates the software. In this case, a single click was able to infect an entire network.

The outbreak was terminated not by official action but by vigilantism. The malware was shutdown by a security consultant who goes by the pseudonym “MalwareTech”. MalwareTech discovered that every time a copy of WannaCry runs, it pings out onto the internet a request for a response from a non-existent web address. This behaviour is intended to check that the copy in question is truly out in the wild, and is not being examined in a “sandbox”, a closed piece of software in which security researchers can dissect digital bugs to learn their secrets.

Read the full story here

Other Works