The WannaCry Ransomware Attack: Explained

We've got everything you need to know about the WannaCry Ransomware attack right here on the Myki Emergency Report

How did the Cyber attack unfold?

On Friday, a Massive ransomware infection hit computers across 99 countries all over the world. The cyber-attack allegedly used tools that are believed to have been stolen from the NSA. Cyber-security firm Avast said it had seen 75,000 cases of the ransomware - known as WannaCry has exploited a vulnerability in Windows computers around the world.

The malware spread quickly on Friday, with medical staff in the UK reportedly seeing computers go down "one by one". National Health Service staff shared screenshots of the WannaCry program, which demanded a payment of $300 in virtual currency Bitcoin to unlock the files for every locked computer. Throughout the day, other European countries started reported infections. Some reports said Russia had seen more infections than any other single country. Banks, interior and health ministries, the state-owned Russian railway firm and the second largest mobile phone network were all reported to have been hit. In Spain, telecoms giant Telefonica, and utility provider Gas Natural - were also hit, staff at the firms were told to turn off their computers. France's car-maker Renault, Portugal's Telecom, and even the US delivery company FedEx suffered from the attack.

How does the malware work and who is behind it?

The infections seems to be deployed via a worm - a program that spreads by itself between computers. While most other malicious programs rely on humans to spread by tricking them into clicking on an attachment that contains he attack code, once WannaCry is inside an organization it will hunt down vulnerable machines and infect them too. Some experts say the attack may have been built to exploit a weakness in Microsoft systems that was identified by the NSA and given the name EternalBlue.

The NSA tools was stolen by a group of hackers known as The Shadow Brokers, who made it freely available in April, saying it was a "protest" about US President Donald Trump. A patch for the vulnerability was released by Microsoft in March, which would have automatically protected those computers with Windows Update enabled. Microsoft said on Friday it would roll out the update to users of older operating systems

The number of infections seems to be slowing after a "kill switch" appears to have been accidentally triggered by a 22 year old UK-based cyber-security researcher tweeting as @MalwareTechBlog. But he warned this was a temporary fix, and urged computers users to "Patch your systems ASAP”.

A Firm investigating THE activity has said Criminals behind cyber-attack have raised just $20,000, they have identified three associated bitcoin addresses but can’t trace individuals before funds are withdraw. Tom Robinson, co-founder of Elliptic, which identifies illicit activity involving bitcoin said: “It’s not technically correct to say that bitcoin users are anonymous, they’re pseudonymous, by which I mean every bitcoin transaction ever made is recorded in A public database known as the blockchain,” Robinson CLAIMS. “While we don't know the identities, we can see that bitcoins are going from address one to address two, but we don’t know who controls those addresses by default.

Here's what you need to do:

If you are concerned about the ransomware virus spreading all over the world this week, and potentially losing all of your data, you should make sure you have the correct patches in place now.

If you are running any computers with XP, Vista, Windows 7, 8, Server 2003 or 2008, you should check Microsofts update patch page today and install immediately - Follow the link here for the updates:

  1. Enable windows update
  2. Update your computer
  3. Reboot

If you didn't catch Episode 1 or Episode 2 check them out now!

Subscribe to our YouTube Channel for more videos!

The Myki Emergency Report is brought to you by the Myki Password Manager Team. For more information visit:

Download the Myki Password Manager & Authenticator on Android and iPhone:

The WannaCry Ransomware Attack: Explained
Share this