GLOBAL NEWS: How the WannaCry ransomware attack spread around the world

Daniel Tobok
E: daniel@cytelligence.com
Posted on: March 20, 2019

Andrew Russell, National Online Journalist, Investigative for Global News, writes:

On Friday morning, somewhere in Europe, an unwitting user opened an email attachment or clicked a link allowing the ransomware “WannaCry” to infect their computer. The virus spread rapidly, infecting 200,000 systems in more than 150 countries around the world.

Elsewhere in Europe, French carmaker Renault was hit as was German rail company, Deutsche Bahn, while FedEx computers in the U.S. also fell victim to the malware.

“It exposes a vulnerability in Windows XP for file sharing protocol,” said cybersecurity expert Daniel Tobok. “It gets into one computer and then from there laterally goes into all the computers on the network.”

WannaCry — also known as WanaCrypt0r 2.0, WannaCry and WCry — is a type of malicious software known as “ransomware” that gets into your computer — either when you click on or download the wrong thing — and then it encrypts some of your files. You will receive a message that the files will be unencrypted only if you pay a certain amount in ransom, usually in bitcoin.

With WannaCry, a red screen would appear saying “oops, your files have been encrypted” and you would be hit with a demand for $300 worth of bitcoin. That would jump to $600 after 72 hours. After seven days, the files would be permanently locked.

“It basically says in a very nice way, ‘you’re screwed.’ The information is encrypted. If you want it back you have to pay us,” said Tobok. “It actually has a little ticking clock that counts down the time.”

READ FULL ARTICLE