The WannaCry outbreak is the largest ransomware attack on record so far with the majority of devices infected within a single day. With all the different news stories out there, we thought we’d put together this infographic to highlight the main points. Enjoy!
1. The virus infected some 200,000 computer systems in 150 countries in a single weekend.
2. WannaCry is a ransomware virus.
The primary objective of this viral infection is to encrypt all of the data on targeted systems, rendering the data inaccessible until the owner pays a ransom to the hackers.
3. The hackers reportedly only made about $50,000 from plunging the world into panic.
The ransom demanded from WannaCry victims reportedly ranged from $300 to $600, with a threat that higher payments would be demanded if victims did not pay up quickly.
4. Victims often pay the ransom demanded.
Security analysts say that over 200 of the WannaCry victims who promptly paid the ransom have gotten their data back.
5. A vulnerability in Microsoft Windows allowed the WannaCry hackers to strike.
The WannaCry virus exploits a bug in Windows networking protocol, which Microsoft patched in March, possibly after receiving a heads-up from the U.S. intelligence community.
6. Britain’s National Health System was among the biggest victims.
The NHS still runs Windows XP on many of its computers, so it became one of the biggest ransomware victims.
7. Microsoft blames the National Security Agency and other intel services for hoarding exploits.
“The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency [NSA] in the United States” —Microsoft’s chief legal officer and president, Brad Smith.
8. The “Shadow Brokers” disclosed the NSA code used in WannaCry.
Several weeks ago, a hacker group called the Shadow Brokers published a set of powerful malware tools purportedly stolen from the NSA.
9. The stolen NSA code appears to be the reason WannaCry spread so quickly.
The recent ransomware attack was “souped up” or “turbocharged” with the NSA’s tools.
10. A British IT expert temporarily halted the spread of the virus.
Quick action from a British computer tech, called “MalwareTech” stopped the spreading of the virus by finding its “kill switch”.
11. New versions of WannaCry appeared soon after the kill switch was thrown.
It did not take long for new instances of the virus to appear with the kill switch code removed and now, we’re in a “second wave”.
12. The Department of Homeland Security is involved in the U.S. response.
The DHS released a statement acknowledging reports of WannaCry infections “affecting multiple global entities.”
13. The next wave of WannaCry attacks does not seem as bad as experts feared.
There was great anticipation that a new wave of attacks would hit on the following Monday, but it didn’t end up as badly as expected.
14. The WannaCry perpetrators were sloppy.
One reason the attack is tapering off quickly after a terrifying weekend is that the perpetrators were “sloppy” cybercriminals who made “amateur mistakes at practically every turn”
15. Defending against WannaCry and other ransomware.
Keep up-to-date with Windows (and all) patching! Consider a Managed IT Provider, like www.UTGsolutions.com.