WannaCry Ransomware Attack
Cyber attackAbout
The WannaCry ransomware attack was a global cyberattack that occurred in May 2017, affecting over 200,000 computers across 150 countries. It targeted systems running Microsoft Windows by encrypting data and demanding Bitcoin payments for decryption. The attack exploited the EternalBlue vulnerability, a tool developed by the NSA and leaked by The Shadow Brokers. Despite Microsoft releasing patches before the attack, many systems remained unpatched, facilitating the spread of WannaCry. WannaCry's unique worm functionality allowed it to spread automatically without user interaction, unlike typical ransomware attacks that rely on phishing or social engineering. The attack was halted by a "kill switch" discovered by Marcus Hutchins. Estimated damages ranged from hundreds of millions to billions of dollars. The attack was attributed to North Korea's Lazarus Group, though this remains unconfirmed. It highlighted the importance of keeping software up-to-date to prevent similar attacks.
