Skip to main content

WannaCry Ransomware Attack: 5 Things We Learned About Online Security

* The ransomware specifically targeted Windows computers
* The attack reportedly affected more than 30,000 computers around the world
* Networks were affected through a simple email trojan

It’s been a week since the WannaCry fallout, a massive ransomware attack that spread across more than 150 countries in nearly as many hours. The WannaCry ransomware is a malicious trojan that infects Windows computers through an email link or attachment. Unsuspecting users who open these random emails and click on the links immediately activate the program. Here’s what we’ve learned.

1. The Ransomware Freezes Accounts and Holds Them For Ransom
When WannaCry infects a computer, the ransomware will send a pop-up message with a countdown clock asking for a $300 deposit in Bitcoin. After three days the ransom increases to $600; after seven days the ransomware deletes your files and moves on to another target. Analysts say more than $30,000 has been deposited so far.

2. Unverified Reports Place The Blame on The NSA
Experts believe the WannaCry code was actually taken from leaked NSA documents. The government has neither publicly denied or confirmed this, though the “Eternal Blue” exploit that was used to hijack these systems was included in the classified NSA docs released by a rogue group called the Shadow Brokers a few months ago.

3.  Trojan’s Spread Was Likely Halted by an Unlikely Hero
While the ransomware attack was one of the biggest we’ve seen in years, it actually could have been a whole lot worse. Luckily, a 22-year-old researcher unintentionally stumbled on a kill switch that locked that ransomware and prevented it from spreading to the US as quickly as it did in Europe. Look forward to the inevitable Hollywood movie in a few months.

4. WannaCry Specifically Attacks Windows Machines
The ransomware was designed to exploit a security hole in Windows computers, specifically targeting different operating systems. Incidentally, new research from Kaspersky indicates nearly 98% of all computers affected were running Windows 7. More than that, this type of ransomware preyed on systems that were out of date.

5. People Are Still at Risk
Because of the nature of email trojans, this type of ransomware could continue until a particular patch is made. A good rule of thumb is to not open any unknown email attachments. Also, Windows users should make sure they have the latest software updates downloadedAs WannaCry essentially infiltrates your network through a flaw in your system, having the latest updates will help keep you safe.