The "WannaCry" Ransomware Attack

May 15, 2017 3 min read

wannacry ransomware attack

If you have been enjoying a great 3-day weekend away from it all, then undoubtedly this morning when reading about current events, you came across a story about a massive ransomware attack called “WannaCry.”


It managed to take over an estimated 57k computers in over 150 countries by the end of the day this past Friday, May 12th.   And although the spread had slowed greatly by Saturday, as of this (Monday) morning, that estimate was upgraded (or downgraded depending upon your perspective!) to over 200,000 systems around the globe.   

It is, by far, the most egregious malware attack of 2017, and one of the top in Internet history.  The worst part?  It’s thought to be a rather unsophisticated adaptation of the NSA’s malware that was leaked recently in a dump called “Vault 7” that made its way to Wikileaks for publication.

This means a couple of novice hackers took the NSA’s leaked code, made a couple of minor tweaks, and it created major chaos that has not stopped as of the writing of this blog.

Once a more capable set of hackers gets to writing a more evolved version of the malware, what we saw over the weekend really will look like child’s play.  You hate to speculate on what’s to come, but this the proverbial tip of the iceberg.  Now that the source code for these malicious programs are out of Pandora’s box, expect to see them weaponized and used against everyone with impunity.

What Is WannaCry? 

To put it simply, WannaCry is a type of trojan virus called “ransomware”, and as the name might suggest, this virus takes over your computer and all the files it contains.  It then demands that the user pay a ransom in order to regain access of the computer and its files again.

How Does WannaCry Take Over My Files?

wannacry ransomware trojan virus


With ransomware, would-be cyber criminals gain access to your system by tricking you into downloading malicious software that looks benign or familiar.  Once you start the executable, the ransomware locks all of your files except for 2 and starts to encrypt them.

The two files that you can still access are instructions on how to pay the ransom and the malware itself.  Aside from these 2 files, your computer is practically worthless.

With WannaCry, it gives you a couple of days to pay said ransom, while warning you that your files will be deleted if you do not comply.   It wants payment in Bitcoin and it gives you an address to send it to even. 

How Do I Protect Myself From WannaCry?

The only foolproof way to protect yourself against malware and this particular virus especially is to regularly backup your files.  It’s a great habit to get into anyway, so you might as well start now.  If your files are backed up daily, then if you suffer a cyber attack, you won’t lose your data, nor will you have to pay their ransom.

Using a real-time protecting anti-virus program like Malwarebytes may catch it if your definitions are up to date.

Lastly, installing thelatest security updates released on Friday by Microsoft is a MUST.  Do this right away if you have not already. 

What Can I Do If My Computer Is Already Infected?

Sadly, there is not a whole lot that can be done after the fact.  Security experts warn against paying the ransom as it only makes hackers embolden to try more.

If you have backed up your files, you can run a system restore and you’ll be golden.  If you have not backed up your files previously, then a fresh operating system install will be required and you will lose everything on the hard drive.

Josh Bare
Josh Bare

Leave a comment

Comments will be approved before showing up.