After its discovery on Friday, the WannaCry ransomware attack has infiltrated some 10,000 organizations and 200,000 individuals spanning across 150 countries. Dubbed as the largest ransomware infection in history, the WannaCry attack happens rather innocuously. A simple box with a simple message appears on your screen: "Ooops! Your files have been encrypted!"
According to Matt Suiche, founder of the cyber security start-up Comae Technologies, WannaCry uses 28 languages and has the ability to "encrypt 179 types of files." Once it infects an operating system, it demands the victim to wire money - between $300 to $600 - in bitcoins, which normally results in returning system control back to the users.
Experts seem to have the global ransomware attack covered at the moment but fear that workers returning to their offices on Monday may not be adequately equipped to fight off similar attacks. Furthermore, copycat versions of the ransomware are out now as well and may cause trouble in the coming week.
The gravity of the situation became even more apparent after cyber security officials in the White House convened over the weekend to discuss the ransomware attack. The source of the attack remains a delicate subject for the cyber security officials who have yet to release the official name of the perpetrators.
In the post outlined by Suiche, WannaCry is known to encrypt ordinary files like documents, photos, audio files, videos, and .zip folders. The ransomware attack apparently uses an NSA cyber-weapon to exploit Windows, too. In March, Microsoft released a security patch to protect users from this type of attack, but not everyone has decided to install it, rendering them vulnerable. The information about the cyber-weapon was leaked by hackers collectively known as Shadow Brokers last month, but it is not definitively known who exactly orchestrated the WannaCry raid in the first place.
So far, one of victims of the WannaCry attack is England's National Health Service, which led to the shutting down of at least 16 hospitals. Other WannaCry attacks were reported in Spain, Portugal, Russia, Ukraine, and Taiwan.
The NHS released a statement in the aftermath of the attack, "Our focus is on supporting organizations to manage the incident swiftly and decisively but we will continue to communicate with NHS colleagues and will share more information as it becomes available." It is not known if any patient data was breached in the attack.
Until its copycats and similar attacks are wiped out, be aware of any pop-ups that appear on your computer screen.