A look at how the WannaCry ransomware works

comments         Published     Updated

KINIGUIDE It has been a week since the WannaCry ransomware made headlines worldwide by locking up hundreds of thousands of computers worldwide, and demanded payment for letting the users back into their own files.

As the dust settles, this instalment of KiniGuide takes a look at how WannaCry works and how it got so prolific.

What is a ransomware?

Ransomware is a type of malicious software (malware) that scrambles the information stored in the infected computer, which renders it unreadable.

As the name suggests, the ransomware then demands payment for unscrambling that same information.

The first ransomware dates back to 1989, but this type of cyberattack has gained popularity since 2013.

What exactly does WannaCry do?

It is unclear how the initial infection was made, but it was suspected to be an email with a link to the ransomware, or an email attachment masquerading as an invoice or some other documents. The first reports about WannaCry started on May 12.

Regardless of how a computer was initially infected, it would then exploit a security loophole in the computer’s file sharing system to quietly spread to other computers on the same network.

It would scramble the information on all the infected computers, and then demand a payment in US$300 (RM1,298) worth of BitCoins (a type of digital currency) in three days. Otherwise, the ransom doubles to US$600 (RM2,597).

After seven days from the ransom demand, the users are locked out for their files forever.

Who is vulnerable?

The WannaCry (also known as WannaCrypt, WanaCrypt0r, WCrypt, or WCRY) ransomware targets Microsoft Windows computers that have not been updated recently. Windows 10 is not being targeted.

Who has been hit?

According to the European Union Agency for Law Enforcement Cooperation director Rob Wainwright, there an estimated total of 200,000 victims in at least 150 countries. A more recent report claimed the figure to be closer to 300,000.

Among the worst hit are some hospitals in the UK, which were forced to turn away patients while staff got locked out of their computers....

For the rest of this story and more, subscribe for only RM150 a year (full news access)
or RM420 a year (full news + full archive access). If you're already a subscriber, please sign in.

Sign in Subscribe now

Keep Malaysiakini independent!

Malaysiakini will be 18 this year. That we’ve survived this long is because of you.

Your support matters. A lot. Especially those who pay RM150 annually, RM288 biennially or RM388 triennially to keep Malaysiakini independent from government/opposition influence and corporate interests. Advertising alone will not keep Malaysiakini afloat.

Together, we’ve gone far. We’ve covered three prime ministers, four general elections, five Bersih rallies, and countless scandals. But the journey continues.

Help us deliver news and views that matter to Malaysians. Help us make a difference for Malaysia.

Support Malaysiakini



Malaysiakini
news and views that matter


Sign In