WannaCry explained: What is WannaCry ransomware and how does it work?

Angelica Greene
May 19, 2017

"There are plenty of reasons people wait to patch and none of them are good", said Mador, a former long-time security researcher for Microsoft. The attack, which is still unfolding, is now a fight between whitehat hackers, companies like Microsoft and the criminals attempting to run the world's biggest extortion scheme. However the department's data and computer network remained intact as they work on Linux and Ubuntu operating systems. It spreads on its own like a real virus. Hackers made use of a vulnerability that existed in Microsoft Windows.

A security expert in England has been hailed as an "accidental hero" for quashing the spread of the initial version of the ransomware late Friday.

Those hit by WannaCry also failed to heed warnings previous year from Microsoft to disable a file sharing feature in Windows known as SMB, which a covert hacker group calling itself Shadow Brokers had claimed was used by NSA intelligence operatives to sneak into Windows PCs.

Microsoft also issued a security patch for older Windows operating systems that are no longer supported: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86 and Windows 8 x64 directly from Microsoft.

Users of older software, such as Windows XP, had to pay hefty fees for technical support, it added. "I would expect NHS trusts to learn from this and to make sure that they do upgrade". The code for the vulnerability was leaked online by a hacking group, known as Shadow Brokers, in April, making its exploitation nearly inevitable.

Microsoft declined to comment for this story.

In the wake of the massive cybersecurity attack, Microsoft issued a statement regarding the WannaCry ransomware and how everyone needs to come together to be able to prevent such incidents from happening again.

Driver charged with murder in Times Square crash
Test are pending, but given his history, sources say DWI is investigators' leading theory for the cause of the crash. Law enforcement sources Rojas appeared to be under the influence of drugs or alcohol when he was taken into custody.

Former Fox News CEO Roger Ailes dead, network says
In early 1996, he accepted a challenge from media titan Rupert Murdoch to build a news network from scratch to compete with CNN. Ailes denied the allegations, saying the reason her contract was not renewed was due to "disappointingly low ratings".

Howard fastest, Honda dominates Indianapolis 500 practice
There's not a lot of drivers who would be willing and able to miss races in their own championships to come do this. That said, Alonso isn't yet thinking about making the move to racing in the United States on a more regular basis.

Last month, a group known as the Shadow Brokers leaked hacking tools allegedly used by the National Security Agency to hack into computers powered by Microsoft's Windows.

Hackers have since updated the ransomware, this time without the kill switch.

The 22-year-old cyber security researcher who tweets as [email protected]', stumbled upon a kill switch in the code of the ransomware that struck NHS hospitals across the United Kingdom on Friday.

State media in China reported that hundreds of thousands of devices there were infected. For your system to become infected, you'll have to click on or downloading the attachment or file, which causes the program to run and infect your computer with ransomware. The company is crunching data to arrive at a firmer estimate it aims to release later Thursday. Bossert said U.S. officials had not ruled out "state action" it appeared to be criminal, given the ransom requests. Matthieu Suiche, a security researcher, was able to find two new variants of WannaCry. The result: "Users unlikely to get files restored", the company's Security Response team tweeted. Software experts said that the group's dump of N.S.A. tools in April included additional exploits that are "wormable" - meaning they could spread rapidly, like the ransomware attack - and that it might well have more N.S.A. malware it has not yet released.

MPs and peers have been urged not to access personal email on their parliamentary computer systems as the WannaCry ransomware continues to spread.

Not everyone has taken ransomware seriously enough, and that includes organizations and users that need to defend against ransomware; companies that develop the software platforms and can create better protections against ransomware; and governments, which prefer to hoard vulnerabilities instead of aiding firms in fixing the flaws in their software.

WannaCry landed nine weeks after Microsoft's patch arrived.

Other reports by GizPress

Discuss This Article