WannaCry Disaster: An Analysis of the Ransomware Attack and Impact

Verified

Added on 2020/03/01

AI Summary

This report provides an in-depth analysis of the WannaCry ransomware attack, which occurred in May 2017 and affected approximately 230,000 computers across 150 countries. The report begins with an executive summary and an introduction, followed by a brief overview of the ransomware, detailing its method of attack, which exploited the Windows Server Message Block (SMB) protocol vulnerability known as Eternal Blue. It describes how the ransomware encrypted essential file systems, demanding ransom in Bitcoin. The report highlights the affected organizations, including the National Health Service (NHS) of the United Kingdom, FedEx, Telefonica, and Deutsche Bahn. Furthermore, it outlines the steps taken to combat the crisis, such as Microsoft's release of patch updates and the efforts of security software providers. The report also mentions the temporary cure found by Marcus Hutchins. The conclusion emphasizes the need for improved security infrastructure and vigilance to combat the growing rate of cybercrime. The report concludes with a list of references.

Running head: WANNACRY DISASTER
WannaCry Disaster
Name of the Student:
Name of the University:
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1WANNACRY DISASTER
Executive Summary
The rampage of the ransomware WannaCry that took a toll of 230,000 computers and affected
many organisations worldwide is the point of attention of the report. The report seeks to project
the present condition of the cyber world and its effect on the people and organisations. To
support this problem, the ransomware issue is discussed in detail along with the steps that has
been taken to fight the same.

2WANNACRY DISASTER
Table of Contents
1. Introduction..................................................................................................................................3
2. A Brief Overview on the Ransomware........................................................................................3
3. Method of the Attack...................................................................................................................3
4. The Affected................................................................................................................................4
5. Steps Taken to Fight the Crisis....................................................................................................4
6. Conclusion...................................................................................................................................5
7. References....................................................................................................................................6

3WANNACRY DISASTER
1. Introduction
Today the world is scarred with news of cyber security breaches in a massive scale. The
so-called guardians of cyber world are proved failure every moment a system or a whole
organisation is compromised. The cat-and-mouse chase between the cyber security providers and
the hackers has been going on for years and embarrassingly the hackers outrun the protectors
every time (Sales, 2012). The objective of the report is to focus on this situation by analysing the
ransomware attack incident on May 2017 that has rocked the cyber world vigorously.
2. A Brief Overview on the Ransomware
The ransomware that is christened as WANNACRY is nothing but a glitch of Windows’
Server Message Block (SMB) protocol that goes by the name of Eternal Blue. The issue was first
detected by the United States National Security Agency (NSA). However, instead of informing
Microsoft Corporation regarding the glitch, the agency retained the glitch and modified it in their
labs for using for their own offensive operations against their enemies. A group of hackers who
are claiming themselves by the name Shadow Brokers managed to liberate the glitch from NSA
and unleashed it on the world on May 12, 2017 (Mohurle & Patil, 2017).
3. Method of the Attack
The ransomware can affect those systems that are running any supported or unsupported
version of Windows operating system. The ransomware enters the targeted system by exploiting
the SMB protocol’s glitch and encrypts all the essential file systems inside the device. The
computer becomes useless unless the files are decrypted (Shackelford, 2017). In such situation,
the user cannot perform any operation on the computer. The victim is only able to view a

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4WANNACRY DISASTER
dialogue box that is displayed on the screen of the computer through which the hackers demand
ransom in the form of bit-coin crypto currency against providing the decryption key of the
encrypted files. The victim can either ignore the message in which case, the computer is
permanently rendered useless or can pay up the desired ransom, however, there is no guarantee
that even after payment is done the hackers will keep their bargain (Shackelford, 2017).
4. The Affected
WannaCry affected approximately 230,000 computers spread over 150 separate countries
within one day. Among the most affected organizations were the National Health Service (NHS)
of United Kingdom, FedEx, Telefonica and Deutsche Bahn of Spain. Many personal computers
were also affected throughout the world (Collier, 2017).
5. Steps Taken to Fight the Crisis
Microsoft Corporation responded almost immediately by releasing patch updates for all
the supported as well as unsupported version of Windows operating system that has removed the
eternal blue glitch from the operating system and requested to the Windows users worldwide to
apply the patch as soon as possible (Gandhi, 2017). The security software providers like AVG,
Norton, McAfee and such released updates of their respective anti-virus software that helped to
fight the ransomware as well. Never the less, Marcus Hutchins, a North Devon security
researcher of England found a cure to the ransomware within a short time of the attack.
However, the remedy only succeeded to stall the attack for a while. Updated versions of the
infection were soon developed and released by the hackers that could not be affected by the cure
conjured by the 22 year old researcher (Gandhi, 2017).

5WANNACRY DISASTER
6. Conclusion
The effect of WannaCry on the world proves the poor security infrastructure that is still
being maintained throughout. Considerable improvement in security software as well as steadfast
vigilance is required to fight this growing rate of cyber crime.

6WANNACRY DISASTER
7. References
Collier, R. (2017). NHS ransomware attack spreads worldwide.
Gandhi, K. A. (2017). Survey on Ransomware: A New Era of Cyber Attack. International
Journal of Computer Applications, 168(3).
Mohurle, S., & Patil, M. (2017). A brief study of Wannacry Threat: Ransomware Attack 2017.
International Journal, 8(5).
Sales, N. A. (2012). Regulating cyber-security.
Shackelford, S. (2017). Exploring the ‘Shared Responsibility’of Cyber Peace: Should
Cybersecurity Be a Human Right?