Upon encrypting files, WannaCry demands a ransom in the form of Bitcoin ($300-$600 per computer affected). By identifying and using file-sharing arrangements on a computer, WannaCry can infect additional computers within the same network. Once the vulnerability has been exploited, the ransomware installs encryption software remotely on the affected computers. The unpatched vulnerability in Microsoft Windows allows WannaCry code to spread quickly on computers that have not applied the security update. The NSA developed it as a means of enabling surveillance. As a result of the NSA’s discovery of EternalBlue, WannaCry exploits the vulnerability in Microsoft Windows. WannaCry is effective against computers with Microsoft Windows that do not have a security patch (patch “ MS17-010“). Many of these systems remain vulnerable today as hundreds of thousands of systems were not updated in time. The WannaCry worm has been referred to as a “study in preventable catastrophes” because Microsoft issued a patch two months before it became known worldwide in 2017. In May 2017, WannaCry made headlines when it infected the National Health Service (NHS) and other organizations across the globe, including government institutions in China, Russia, the United States, and most of Europe. WannaCry is a ransomware worm that exploits SMB V1 vulnerability ( CVE-2017-0144) and caused a worldwide cyberattack by encrypting data and demanding ransom payments in Bitcoins from computers running Microsoft Windows.
0 kommentar(er)
