WannaCry is a computer attack based on an extremely dangerous virus, it came to the attention of the whole world yesterday after dozens of hospitals had their computer systems blocked. WannaCry is based on vulnerabilities discovered by the NSA in the Windows operating system, the hackers blocking the victims' computers and asking for a $300 reward to unlock them.
WannaCry encrypts the data of blocked computers, so that they cannot be recovered by the victims if they do not give money to the hackers, yesterday's attack also affecting many large companies such as FedEx, for example. Based on what is known so far, WannaCry affected institutions and companies from dozens of countries on the planet, in all cases Windows computers were encrypted by hackers.
The vulnerability behind the WannaCry attack was initially codenamed by the NSA ETERNAL BLUE, she being revealed by a group of hackers called The Shadow Brokers. Initially, the WannaCry virus was distributed through attachments sent using emails, with Google Docs at one point helping to distribute it.
WannaCry - the computer attack that brought the world to its knees
After infecting the victim's computer, WannaCry can distribute itself through the local computer network using a Windows SMB Server vulnerability. Practically, in a large company, WannaCry can infect almost the entire network from a single computer, and from here the problem becomes an extremely serious one for the IT department.
Of course, ordinary users are also vulnerable to WannaCry, but only if they haven't installed the latest Windows updates since March. Microsoft claims to have blocked the WannaCry vulnerability in the March update of Windows, and Windows Defender already knows how to identify and block the virus Ransom:Win32.WannaCrypt.
"Organizations in dozens of countries have all been hit with the same ransomware program, a variant of "WannaCrypt," spouting the same ransom note and demanding $300 for the encryption key, with the demand escalating as time passes."
At the moment, someone registered a domain that the WannaCry virus used to initiate its encryption process, so that doesn't happen anymore. However, WannaCry remains the most dangerous virus of the year due to the large number of institutions and companies infected, so you must be careful and protect yourself against it.
