By Adri Faris, Xinhua News Agency
The WannaCry Ransomware attack is a worldwide cyberattack that first started on 12 May 2017 (Friday). Computers running Microsoft Windows operating systems were targeted. Data were encrypted and ransom payments in the Bitcoin cryptocurrency were demanded.
The scale of this attack is unprecedented. In a day, over 230,000 computers were infected in over 150 countries, including those which run Britain’s National Health Service (NHS), Germany’s national railway system Deutsche Bahn as well as other government agencies and companies worldwide like FedEx.
Computers that have not been updated with recent security updates are at a higher risk. Those which were still running older operating systems such as Windows Server 2003 and Windows XP were initially at particular risk. However, the day after the outbreak, Microsoft took the unusual step of releasing updates for these operating systems too. Almost all victims were running Windows 7.
The WannaCry virus takes advantage of a flaw in the Microsoft Windows systems and encrypts data found on these systems. Cyber criminals then demand a payment in return for unlocking the files, through Bitcoin, the online cryptocurrency.
Reports have also revealed that the U.S. National Security Agency (NSA) had discovered the vulnerability in the past, but instead of informing Microsoft, had built the EternalBlue exploit for their own offensive work. It was only when the existence of this was revealed by The Shadow Brokers that Microsoft became aware of the issue, and could produce a security update. Microsoft has slammed the US government for developing the computer vulnerability that was used in this attack.
In China, 29,372 institutions had been infected along with hundreds of thousands of devices – according to Threat Intelligence Center of Qihoo 360.
Universities and educational institutions were among China’s hardest hit, numbering about 4,341. This may be attributed to the fact that China’s schools tend to have older computers which are slower to update operating systems and security, according to Fang Xingdong, founder of ChinaLabs, an internet strategy think tank.
Railway stations, mail delivery, gas stations, hospitals, office buildings, shopping malls and government services were also affected. The system used by PetroChina’s gas stations was also attacked. This meant that customers could not use their cards to pay.
This attack should be a wake-up call to all governments worldwide that more collective action is needed to improve cybersecurity.