What is WannaCry and How to Protect Yourself

A massive cyberattack hit on a global scale this weekend. Ransomware called WannaCry took over National Health Service computers in Britain, an entire movie theater chain in South Korea, more than 30,000 institutions in China, Germany’s train network, telecommunications giant Telefonica in Spain, FedEx in the US, and the interior ministry in Russia — as well as smaller attacks in around 150 countries. As of Monday morning (15 May 2017), over 200,000 systems are believed to have been infected.

The attack targeted a hole in the Microsoft operating system that is believed to have been originally discovered by the NSA. According to the BBC, the NSA collects information about software vulnerabilities and then decides which ones to inform companies of and which ones to “keep” in case an offensive or defensive move is needed.

In this case, Microsoft claims that the NSA developed a tool to exploit a vulnerability they’d identified, which was then stolen. It appears that only at that point, the government informed Microsoft of the vulnerability. The company released an update that corrected the security risk two months ago. However, anyone who did not download the update — or wasn’t able to update, due to the fact that they were running pirated software — was left vulnerable.

Ransomware attacks are when cyber criminals gain control over a person’s computer and/or data via an infected file. In this attack, the file was sent in a link via email. Once downloaded, victims saw a message asking for $300 in bitcoin flash on their screens and were informed that, until the ransom was paid, the data would be held hostage. Additionally, the rate was set to go up after three days and users were warned that everything would be deleted at the end of seven days if the ransom wasn’t paid.

In Britain, more than 47 trust were affected and doctors weren’t able to access patient information. Hospitals were forced to turn people away from the emergency room as they struggled to regain control of their computers. In China, where software piracy is rampant, over 30,000 institutions and organizations — including government agencies and hospitals — were hit.

Microsoft President Brad Smith sharply criticized the US government for the part they allegedly played in this attack, likening it to “the U.S. military having some of its Tomahawk missiles stolen.” He called for international standards making it illegal for governments to stockpile and exploit software vulnerabilities and that these threats should be taken as seriously as physical weapon stockpiles are.

WannaCry is notable because it managed to take out so many organizations in so many countries, but smaller ransomware attacks are happening every day. In fact, ransomware is the most common type of cyberattack, rising from 25 percent of all attacks in 2015 to 41 percent in 2016. If the trend continues, we’re only going to see that percentage increase in upcoming years.

How to protect yourself

Ransomware attacks exploit two human weaknesses: Fear and ignorance. Most people don’t realize yet that it’s not safe to click on a link in an email unless you’re absolutely sure of who it came from and what it is — and they pay out of fear of losing their data. As a result, the best way to protect yourself from this type of attack is to never click on emails from senders you don’t know and always double check directly with the sender before clicking anything. Finally, make sure to install all software as soon as it’s released and to use only legitimate software, as pirated software can’t be updated, leaving it vulnerable to attacks like WannaCry.

Share this post

About Tenta

Tenta is a next generation browser designed for privacy and security. Built-in true VPN, full data encryption, video downloader, secure medai vault, HTTPS Everywhere, Tenta DNS, and more.

View all posts by Tenta >

Install Tenta Browser Free!

Start protecting your online privacy today with Tenta Browser.

Download Tenta Browser Google Play Button