Everything you need to know about the WannaCry ransomware attack
By now, you’ve probably read about WannaCry, the ransomware responsible for cyberattacks worldwide that might be orchestrated by hackers in North Korea.
But what exactly is it and who is at risk? We spoke with an expert from a cybersecurity company: Jack Danahy, CTO of Barkly.
What is ransomware?
“The most common forms of ransomware take advantage of a user executing a code or visiting a website, which will encrypt a variety of different kinds of content important to that user,” Danahy said. “Having done that, it throws up a screen that says, ‘If you ever want to see this data again, send me money.’”
The data that is literally being held for ransom can be any file from text documents to photos. If you don’t pay by the designated time — usually in Bitcoin, which is an anonymous currency — the data is deleted.
Why is WannaCry so effective?
“What makes WannaCry different and why it spreads so rapidly is that it takes advantage of a vulnerability in an earlier released version of Microsoft software,” Danahy said.
WannaCry uses an exploit (a sequence of commands that starts an attack) to take advantage of this vulnerable software. The exploit was released about two months ago by a group called Shadow Brokers, who said that they took this tool from the National Security Agency.
Who is vulnerable?
Anyone using Windows is vulnerable, experts said — Apple and Linux operating systems are not affected. That means anyone, from your home computer to hospitals or any company network.
WannaCry is slowing down, so is there still reason to worry?
In a word: Yes.
There could be more attacks to come, Danahy said. Remember the exploit that made WannaCry so pervasive to so many different computers by taking advantage in the software’s vulnerability?
“The people who released these exploits into the wild had gone silent for some time and just popped up again following WannaCry,” Danahy said. “We see that they’re now saying that they’re going to be selling new exploits starting in June.”
Some of the WannaCry code is similar to past North Korean hacks, some say.