Cyber Security Report: WannaCry Ransomware Attack Analysis and Impact

Verified

Added on 2020/05/16

AI Summary

This report provides an in-depth analysis of the WannaCry ransomware attack, a significant cyber security incident that occurred in 2017. The report details the nature of the WannaCry malware, which encrypted systems and demanded Bitcoin ransom, and its propagation through the Eternal Blue exploit. It highlights the widespread impact, including attacks on the National Health Service in the UK and various organizations globally, emphasizing the vulnerability of older Windows systems. The report discusses the technical aspects of the attack, including the encryption process and ransom demands, as well as the ethical implications, such as data breaches and financial extortion. It further examines the response to the attack, including Microsoft's security updates and the role of Marcus Hutchins in mitigating the spread of the malware. The report concludes by emphasizing the need for improved cyber security measures to prevent future attacks and protect against the evolving threats in the digital landscape.

Running head: CYBER SECURITY
Cyber Security
Name of the Student
Name of the University
Author note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1CYBER SECURITY
Table of Contents
Introduction..........................................................................................................................2
The incident.........................................................................................................................2
Conclusion:..........................................................................................................................4
References............................................................................................................................5

2CYBER SECURITY
Introduction
The WannaCry malware that hit the world in the year of the 2017 is one of the biggest
attract on the world of the internet. This was the biggest attack ever the cyber security experts
witnessed and didn’t know how to deal with the same (Hern and Gibbs, 2018). The WannaCry
was a type of malware the at encrypted the systems of the victims and wanted ransom in the form
of Bitcoin in exchange of the decrypting files.
The incident
The WannaCry ransom attract widespread on the May 2017 through the WannaCry
crypto ware, which after the Microsoft windows operating system. The malware encrypted the
systems running in Windows OS and demanded the payment in the form of the Bitcoin
cryptocurrency. It exploded and propagated through the Eternal Blue in the older windows
version (CNET, 2018). The primary target were the systems running in the windows XP an
unsupported windows version. A report by the Kaspersky security labs estimated that
approximately more than 2000000 computers were after by it 150 countries of the world. One of
the biggest attack recorded was on the National health service hospital in the England and the
Scotland’s. Approximately more than 70000 systems including the computers, MRI scanners,
blood-storage refrigerators were encrypted by the hack. Other than this the Nissan motors in the
UK were also hampered, who due to the attract was forced to shut done the assembly line of the
pantoate than this the otter major attacks were on the south Asia countries like the china, India,
south Korea japan, and the US countries were also attacked by the systems. The software bread
spreaded mostly thee word documents and the pdf files and other such extensions which is
usually sent though emails, or though the secondary infectious files in the computers already
affected. The working of the crypto ware is very simple, when a system got infected the

3CYBER SECURITY
infectious file spread to entire hard disk of the system and contacts the central server for the
encryptions to get activated (Ashurst, 2017). Once the process of the encryption is completed,
the entire screen gets blocked a message pops up for the payment options and details regarding
it. IT also shows that if the amount is not paid in the given interval of time, all the files that are
stored would get destroyed automatically, a timer showing the time left (Mohurle and Patil,
2017). It was also seen that even after the payment was done by the user, the description was not
done.
The attack leaked personal information of the victims which is a major harm of the
ethical values of a person Also the victims had to pay for the decryption of the encrypted files
which is a major harm to the ethics of a personal. Other ethics that were harmed by this hack
were the reading of private information, monitoring social media information’s, capturing the
information about the keystrokes and reading of files in the systems (Dewsbury and Dewsbury,
2017). The information’s related to an organisation were also leaked in the attack, which is a
major threat to the ethics.
Soon after the shadow brokers released the file of the encryption, the Microsoft realised a
security update for the same. But the systems which were running in the older versions of the OS
and did not get the security files got affected. Soon after the virus affected the computer many
researchers started exploring the solutions for removing this. Many instructions were referred by
the Kaspersky labs, the Microsoft teams and others.
 Updating to the latest security update by the Microsoft was the most important
thing to be done.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4CYBER SECURITY
 Blocking of the SMB ports and the ports on Enterprise Edge/perimeter network
devices UDP 137, 138 and TCP 139, 445 and Disable SMBv1.
 Restrict the TCP port 445
 Establish a Sender Policy Framework (SPF), Domain Message Authentication
Reporting and Conformance (DMARC), and Domain Keys Identified Mail
(DKIM)
 Usage of proper registered and updated malware.
In the end the entire solution for the loss was given by one single man Marcus Hutchins
helped in stopping the malware. He invented a vulnerability inn the source code of the crypto
ware to stop the virus (Pascariu, BARBU and Bacivarov , 2017).
Conclusion:
The attack of the crypto ware WannaCry became one pf the key event in the history of
the cyber security world. After this attack, it can be understood that the current security systems
are not enough to the upcoming attacks and there are lot to be one in order to stop these attacks.
This was one of the event which buffed up the security experts all over the world. This attract
resulted in huge loss of and money as many of the victims paid for the files. This in turn gave the
victims inspiration for doing such attacks again. It cannot be said if there are any coming attack
in the future, but steps can be taken in order to stop these.

5CYBER SECURITY
References
Ashurst, A., 2017. How to… keep your workplace computer systems safe. Nursing And
Residential Care, 19(9), pp.536-536.
CNET. (2018). WannaCry ransomware: Everything you need to know. [online] Available at:
https://www.cnet.com/news/wannacry-wannacrypt-uiwix-ransomware-everything-you-need-to-
know/ [Accessed 23 Mar. 2018].
Dewsbury, G. and Dewsbury, D., 2017. Securing IT infrastructure in the care home. Nursing And
Residential Care, 19(12), pp.672-674.
Hern, A. and Gibbs, S. (2018). What is WannaCry ransomware and why is it attacking global
computers?. [online] the Guardian. Available at:
https://www.theguardian.com/technology/2017/may/12/nhs-ransomware-cyber-attack-what-is-
wanacrypt0r-20 [Accessed 23 Mar. 2018].
Mohurle, S. and Patil, M., 2017. A brief study of wannacry threat: Ransomware attack
2017. International Journal, 8(5).
Pascariu, C., BARBU, I.D. and Bacivarov, I.C., 2017. Investigative Analysis and Technical
Overview of Ransomware Based Attacks. Case Study: WannaCry. Int'l J. Info. Sec. &
Cybercrime, 6, p.57.