ProductsLogo
LogoStudy Documents
LogoAI Grader
LogoAI Answer
LogoAI Code Checker
LogoPlagiarism Checker
LogoAI Paraphraser
LogoAI Quiz
LogoAI Detector
PricingBlogAbout Us
logo

WannaCry Ransomware Attack: A Comprehensive Analysis

Verified

Added on  2024/06/28

|10
|1079
|253
AI Summary
This paper provides a comprehensive analysis of the WannaCry ransomware attack, examining its nature, impact, and technical workings. It explores the attack's origins, its global impact on organizations, and the specific vulnerabilities exploited. The paper also delves into the technical aspects of the attack, including the encryption process and the attacker's methods. Finally, it discusses the perspectives of both the attacker and the organization that could be attacked, highlighting the importance of cybersecurity measures to prevent such attacks.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Contents
List of Figures
..................................................................................................................................2
List of Tables
................................................................................................................................... 2
Q1
What sort of cyber security attack was WannaCry Ransomware Attack and when did it first
emerge and occur?
........................................................................................................................... 3
Q2
What was the impact of the WannaCry Ransomware Attack in dollar terms for organizations
globally – give two specific examples of organizations that were impacted by the WannaCry

Ransomware Attack?
....................................................................................................................... 4
Q3
Explain how the WannaCry Ransomware Attack works as a process and technically –
considering the perspectives of both the attacker and organisation that could be attacked?
...........5
References
......................................................................................................................................10

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
List of Figures
Figure 1: Showing encryption process for ransomware.
.................................................................5
Figure 2: Showing first screen of WannaCry.
................................................................................. 6
Figure 3: Showing working of wannacry ransomware.
...................................................................8
List of Tables

Table 1: Showing basic details about the WannaCry ransomware attack.
......................................3
Table 2: Showing Impacts of WannaCry ransomware.
...................................................................4
Document Page
Q1 What sort of cyber security attack was WannaCry Ransomware Attack and
when did it first emerge and occur?

Ans: Summary table shown below discusses all the details regarding WannaCry ransomware.

Table
1: Showing basic details about the WannaCry ransomware attack.
WannaCry Ransomware attack

Name
WannaCrypt
Type of attack
Ransomware malware
Nature of attack
Data kidnapping attack
The methodology used for encryption
Asymmetric encryption
First occurrence
Friday, May 12, 2017
Targeted operating system.
Windows
Targeted vulnerability
EternalBlue, DoublePulsar
Microsoft Vulnerability Patch Number
MS17-010
(Microsoft Security Bulletin MS17-010 - Critical, 2018).

CVE for vulnerability
CVE-2017-0143
CVE-2017-0144

CVE-2017-0145

CVE-2017-0146

CVE-2017-0147

CVE-2017-0148

(Microsoft Security Bulletin MS17-010 - Critical, 2018)
Document Page
Q2 What was the impact of the WannaCry Ransomware Attack in dollar terms
for organizations globally – give two specific examples of organizations that

were impacted by the WannaCry Ransomware Attack?

Ans: Summary table shown below discusses the major impact of WannaCry ransomware.

Table
2: Showing Impacts of WannaCry ransomware.
Impact of WannaCry Ransomware attack

Total machine infected Estimate.
>200,000
Total ransom paid Estimate.
~ $50,000 bitcoin payment.
Top affected sectors.
Services
Manufacturing
Public administration departments
Wholesale trade online platforms
Finance insurance and real estate platforms
A number of countries affected.
~150
Organization mostly affected.
Britain’s National Health Service: This
organization experienced service

breakdown in nearly 40 hospitals across

the country.

Honda Motors: Production was stopped in
Honda motors japan car plant when

WannaCry virus hits their computer

networks
.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
Q3 Explain how the WannaCry Ransomware Attack works as a process and
technically – considering the perspectives of both the attacker and organization

that could be attacked?

WannaCry which is also known as WannaCrypt is the biggest ransomware breakout recorded to

date. It infected approx. 150 countries infecting Britain healthcare agency. Having such big feat

this is less of a crafted ransomware more of a sophisticated one
(Richter, 2018).
This ransomware first gets access to victim’s machine in form of an email attachment. It contains

an application which perform the role of encrypting and decrypting data, files containing

encryption keys for encrypting victims data, a copy of the Tor browser
(What is WannaCrypt
ransomware, how does it work & how to stay safe, 2018)
. This can spread rapidly through LAN
exploiting SMB vulnerability to others machines present in the same network.

Figure
1: Showing the encryption process for ransomware.
Source:
(Fruhlinger, 2018).
Document Page
This ransomware uses Asymmetric public key encryption in order to encrypt some files. The
encryption process does not get started as soon as it downloaded. First, it tries to make a connection

to a URL which is “http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/”.

WannaCrypt searches for popular extensions

like .psd , .xltx , .iso , .pst , .xlw , .jar , .rar , .zip , .java , .raw and many more.

If found then it change the existing extension to “.WNCRY” to the file name

This so-called kill switch has been pushed. A security researcher registered this domain and slow

down the wildfire of WannaCry.

After encrypting the files on the victim machine, it shows a message like this when we try to access

any of files.

Figure
2: Showing the first screen of WannaCry.
Source:
(What is WannaCrypt ransomware, how does it work & how to stay safe, 2018).
Document Page
Next step is to ask for ransom from the victim which initially was $300 and later raised to $600.
And if the ransom is paid it is not guaranteed that victim will get his files back.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
Figure 3: Showing working of wanna cry ransomware.
Source:
(Nick Kostov in Paris, 2018).
Document Page
As organizations tend to have an internal network this ransomware is made to exploit the same
vulnerability of smb protocol thus can spread to other machines on the same network once

downloaded to a single machine of an organization.
Document Page
References
Anon, 2018.
Microsoft Security Bulletin MS17-010 - Critical. [online] Docs.microsoft.com.
Available at: <https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2017/ms17-

010> [Accessed 25 Jul. 2018].

Anon, 2018.
What is WannaCrypt ransomware, how does it work & how to stay safe. [online] The
Windows Club. Available at: <https://www.thewindowsclub.com/what-is-wannacrypt-

ransomware> [Accessed 25 Jul. 2018].

Fruhlinger, J., 2018.
What is ransomware? How it works and how to remove it. [online] CSO
Online. Available at: <https://www.csoonline.com/article/3236183/ransomware/what-is-

ransomware-how-it-works-and-how-to-remove-it.html> [Accessed 25 Jul. 2018].

Nick Kostov in Paris, J., 2018.
Cyberattack Victims Begin to Assess Financial Damage. [online]
WSJ. Available at: <https://www.wsj.com/articles/cyberattack-spreads-though-at-slower-pace-

1494835536?mod=e2tweu> [Accessed 25 Jul. 2018].

Richter, F., 2018.
Infographic: 200,000+ Systems Affected by WannaCry Ransom Attack. [online]
Statista Infographics. Available at: <https://www.statista.com/chart/9399/wannacry-cyber-attack-

in-numbers/> [Accessed 25 Jul. 2018].
1 out of 10
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]