T: 01984 640214          Email: David                  M: 07967237692

Home About Us Tip of The Month Latest News Online Shop

What Is WannaCry Ransomware

Claiming over 200,000 computers in 150 countries, the world has never seen a more widespread, or damaging cyber attack in history. In the aftermath.


The WannaCry ransomware attack is an ongoing worldwide cyberattack by the WannaCry ransomware cryptoworm, which targets computers running a Microsoft Windows Operating System by encrypting data and demanding ransom payments in the Bitcoin crypto currency.  


The attack started on Friday, 12 May 2017, and has been described as unprecedented in scale, infecting more than 230,000 computers in over 150 countries.  The worst-hit countries are reported to be Russia, Ukraine, India and Taiwan, but parts of Britain's NHS, Spain's Telefónica, FedEx and Deutsche Bahn were also hit;  along with many other countries and companies worldwide.


WannaCry spreads across local networks and the Internet to systems that have not been updated with the most recent security updates, to directly infect any exposed systems. To do so it uses the EternalBlue exploit developed by the U.S. National Security Agency (NSA), which was released by The Shadow Brokers two months before.  A "critical" patch had been issued by Microsoft on 14 March 2017 to remove the underlying vulnerability for supported systems, nearly two months before the attack, but many organizations had not yet installed this patch.  Those still running exposed older, unsupported operating systems such as Windows XP and Windows Server 2003, were initially at particular risk but Microsoft has now taken the unusual step of releasing updates for these operating systems to all customers.


Shortly after the attack began, a web security researcher who blogs as "MalwareTech" discovered an effective kill switch by registering a domain name he found in the code of the ransomware. This greatly slowed the spread of the infection, however new versions have now been detected that lack the kill switch.  As per official news agencies reports, the cyber attack has slowed down drastically and has died down as of 19 May 2017.



© Copyright 2011, All Rights Reserved - Designed & Updated by Black Cat Computers