Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

WannaCry Ransomware Attack: A Comprehensive Analysis

Verified

Added on 2024/06/28

AI Summary

This paper provides a comprehensive analysis of the WannaCry ransomware attack, examining its nature, impact, and technical workings. It explores the attack's origins, its global impact on organizations, and the specific vulnerabilities exploited. The paper also delves into the technical aspects of the attack, including the encryption process and the attacker's methods. Finally, it discusses the perspectives of both the attacker and the organization that could be attacked, highlighting the importance of cybersecurity measures to prevent such attacks.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Contents
List of Figures..................................................................................................................................2
List of Tables................................................................................................................................... 2
Q1 What sort of cyber security attack was WannaCry Ransomware Attack and when did it first
emerge and occur?........................................................................................................................... 3
Q2 What was the impact of the WannaCry Ransomware Attack in dollar terms for organizations
globally – give two specific examples of organizations that were impacted by the WannaCry
Ransomware Attack?....................................................................................................................... 4
Q3 Explain how the WannaCry Ransomware Attack works as a process and technically –
considering the perspectives of both the attacker and organisation that could be attacked?...........5
References......................................................................................................................................10

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

List of Figures
Figure 1: Showing encryption process for ransomware..................................................................5
Figure 2: Showing first screen of WannaCry.................................................................................. 6
Figure 3: Showing working of wannacry ransomware....................................................................8
List of Tables
Table 1: Showing basic details about the WannaCry ransomware attack.......................................3
Table 2: Showing Impacts of WannaCry ransomware....................................................................4

Q1 What sort of cyber security attack was WannaCry Ransomware Attack and
when did it first emerge and occur?
Ans: Summary table shown below discusses all the details regarding WannaCry ransomware.
Table 1: Showing basic details about the WannaCry ransomware attack.
WannaCry Ransomware attack
Name WannaCrypt
Type of attack Ransomware malware
Nature of attack Data kidnapping attack
The methodology used for encryption Asymmetric encryption
First occurrence Friday, May 12, 2017
Targeted operating system. Windows
Targeted vulnerability EternalBlue, DoublePulsar
Microsoft Vulnerability Patch Number MS17-010
(Microsoft Security Bulletin MS17-010 - Critical, 2018).
CVE for vulnerability CVE-2017-0143
CVE-2017-0144
CVE-2017-0145
CVE-2017-0146
CVE-2017-0147
CVE-2017-0148
(Microsoft Security Bulletin MS17-010 - Critical, 2018)

Q2 What was the impact of the WannaCry Ransomware Attack in dollar terms
for organizations globally – give two specific examples of organizations that
were impacted by the WannaCry Ransomware Attack?
Ans: Summary table shown below discusses the major impact of WannaCry ransomware.
Table 2: Showing Impacts of WannaCry ransomware.
Impact of WannaCry Ransomware attack
Total machine infected Estimate. >200,000
Total ransom paid Estimate. ~ $50,000 bitcoin payment.
Top affected sectors.  Services
 Manufacturing
 Public administration departments
 Wholesale trade online platforms
 Finance insurance and real estate platforms
A number of countries affected. ~150
Organization mostly affected.  Britain’s National Health Service: This
organization experienced service
breakdown in nearly 40 hospitals across
the country.
 Honda Motors: Production was stopped in
Honda motors japan car plant when
WannaCry virus hits their computer
networks.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

Q3 Explain how the WannaCry Ransomware Attack works as a process and
technically – considering the perspectives of both the attacker and organization
that could be attacked?
WannaCry which is also known as WannaCrypt is the biggest ransomware breakout recorded to
date. It infected approx. 150 countries infecting Britain healthcare agency. Having such big feat
this is less of a crafted ransomware more of a sophisticated one (Richter, 2018).
This ransomware first gets access to victim’s machine in form of an email attachment. It contains
an application which perform the role of encrypting and decrypting data, files containing
encryption keys for encrypting victims data, a copy of the Tor browser (What is WannaCrypt
ransomware, how does it work & how to stay safe, 2018). This can spread rapidly through LAN
exploiting SMB vulnerability to others machines present in the same network.
Figure 1: Showing the encryption process for ransomware.
Source: (Fruhlinger, 2018).

This ransomware uses Asymmetric public key encryption in order to encrypt some files. The
encryption process does not get started as soon as it downloaded. First, it tries to make a connection
to a URL which is “http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/”.
WannaCrypt searches for popular extensions
like .psd , .xltx , .iso , .pst , .xlw , .jar , .rar , .zip , .java , .raw and many more.
If found then it change the existing extension to “.WNCRY” to the file name
This so-called kill switch has been pushed. A security researcher registered this domain and slow
down the wildfire of WannaCry.
After encrypting the files on the victim machine, it shows a message like this when we try to access
any of files.
Figure 2: Showing the first screen of WannaCry.
Source: (What is WannaCrypt ransomware, how does it work & how to stay safe, 2018).

Next step is to ask for ransom from the victim which initially was $300 and later raised to $600.
And if the ransom is paid it is not guaranteed that victim will get his files back.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Figure 3: Showing working of wanna cry ransomware.
Source: (Nick Kostov in Paris, 2018).

As organizations tend to have an internal network this ransomware is made to exploit the same
vulnerability of smb protocol thus can spread to other machines on the same network once
downloaded to a single machine of an organization.

References
Anon, 2018. Microsoft Security Bulletin MS17-010 - Critical. [online] Docs.microsoft.com.
Available at: <https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2017/ms17-
010> [Accessed 25 Jul. 2018].
Anon, 2018. What is WannaCrypt ransomware, how does it work & how to stay safe. [online] The
Windows Club. Available at: <https://www.thewindowsclub.com/what-is-wannacrypt-
ransomware> [Accessed 25 Jul. 2018].
Fruhlinger, J., 2018. What is ransomware? How it works and how to remove it. [online] CSO
Online. Available at: <https://www.csoonline.com/article/3236183/ransomware/what-is-
ransomware-how-it-works-and-how-to-remove-it.html> [Accessed 25 Jul. 2018].
Nick Kostov in Paris, J., 2018. Cyberattack Victims Begin to Assess Financial Damage. [online]
WSJ. Available at: <https://www.wsj.com/articles/cyberattack-spreads-though-at-slower-pace-
1494835536?mod=e2tweu> [Accessed 25 Jul. 2018].
Richter, F., 2018. Infographic: 200,000+ Systems Affected by WannaCry Ransom Attack. [online]
Statista Infographics. Available at: <https://www.statista.com/chart/9399/wannacry-cyber-attack-
in-numbers/> [Accessed 25 Jul. 2018].

1 out of 10

+13062052269

info@desklib.com

WannaCry Ransomware Attack: A Comprehensive Analysis

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

WannaCry Ransomware Attack: Impact, Process and Technicalities

IT Security: WannaCry Ransomware Attack

IT Security Management

Ethical Hacking: WannaCry Ransomware Attack and GDPR Implications

Potential Threats and Mitigation Tools for Ransomware

Cyber Security WannCry Attack Case Study 2022