WannaCry: The biggest ransomware outbreak in history. How it works?

Frederick Owens
May 19, 2017

After taking computers over, the virus displayed messages demanding a payment of $300 (£230) in virtual currency Bitcoin to unlock files and return them to the user.

The attack, already believed to be the biggest online extortion scheme ever recorded, is an "escalating threat" after hitting 200,000 victims across the world since Friday, according to Rob Wainwright, the head of Europol, Europe's policing agency.

"There are other criminals who've launched this attack, and they are ultimately responsible for this", he said from his home in Oxford, England.

But the agency added that some infections may not yet have been detected, and that existing infections can spread within networks.

In the event that a computer is infected with malware, experts say that users should not pay the ransom as there is no guarantee that the files will be returned and whether the perpetrators will refrain from attacking the user again. But U.K. hospitals, Chinese universities and global firms like Fedex also reported they had come under assault.

Europol's Wainwright underscored the point Sunday.

WannaCrypt exploits a Windows vulnerability patched in March by Microsoft.

The Japan Computer Emergency Response Team Coordination Center said 2,000 computers in Japan were reported affected so far, citing an affiliate foreign security organization that it can not identify.

Microsoft had issued a patch for the security flaw, but it appears that not all systems have installed the patch.

Patch your computers. They should have the latest software update.

More news: Facebook to stream MLB game each Friday starting this week

The spread of the WannaCry ransomware attack slowed over the weekend but the respite might only be brief, experts have said. Up-to-date Windows 10 systems were already protected from the attack.

In Britain, the attack disrupted National Health Service (NHS) facilities, forcing ambulances to divert and hospitals to delay operations.

The ransomware attack struck British National Health Service organisations, along with computer networks of companies and municipalities in dozens of other countries.

Organisations were discouraged from paying the ransom, as it was not guaranteed that access would be restored.

The patches are now available for the old Windows XP operating system as well as Windows 8 and Server 2003. Pyotr Lidov, a spokesman for Megafon, said Friday's attacks froze computers in company's offices across Russian Federation.

The Japan Computer Emergency Response Team Coordination Center, a nonprofit providing support for computer attacks, said 2,000 computers at 600 locations in Japan were reported affected so far.

United Kingdom defense secretary Michael Fallon said Sunday that Britain's nuclear submarines were safe from cyberattack.

Marin Ivezic, cyber security partner at PwC, said some clients had been "working around the clock since the story broke" to restore systems and install software updates or restore systems from back-ups.

The company's top lawyer said the government should report weaknesses they discover to software companies rather than seek to exploit them.

How to protect your computer from this or any other kind of ransomware? Here's how to turn automatic updates on. Soon after the leak, hackers infected thousands of vulnerable machines with a backdoor called DOUBLEPULSAR.

Other reports by LeisureTravelAid

Discuss This Article

FOLLOW OUR NEWSPAPER