Jaclyn McRae 13 May 2017 12:32:24 AEST 2 MIN READ

Global cyber attack: WannaCry ransomware creates havoc

A global ransomware attack has been described as the biggest in history, shutting down hospitals and causing havoc for companies around the world.

Update: MailGuard has confirmed the screenshots in this blog post are in fact of the Jaff ransomware email, rather than WannaCry. Apologies for the confusion. We’re delving further into this at the moment.

The WannaCry ransomware (also known as WanaCrypt0r 2.0) encrypts the files of victims, rendering their system unaccesible unless they pay hundreds of dollars.

The UK’s national health system and FedEx are among the victims, with hospital operating rooms grinding to a halt after the NHS’s computer systems were held to extortion.

Australian businesses were among those targeted with the ransomware, which was a non-targeted attack delivered via spam emails. 

What the WannaCry ransomware emails look like 

The email contains a PDF attachment embedded with a malicious macro.

The body of the email contains no information other than an instruction to ‘Please open the attached file”.

Wannacry ransomware email MailGuard1.png Image source: MailGuard

wannacry ransomware email MailGuard2.png

Image source: MailGuard

The ransomware encrypts data on the computers, demanding payments of $300 to $600 to restore access – a relatively small amount, most likely chosen to entice some victims to pay up.

The amount doubles if the ransom isn’t paid within 72 hours, and the criminals warn the files will be deleted if the ransom isn’t paid within one week.

There is speculation the cybercriminals behind the attack exploited a vulnerability identified by the US National Security Agency (NSA), which was later leaked on the internet.

FedEx has confirmed its system was infected with the malware.

"Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware," the company said in a statement.

NHS says it is working to manage the attack.

What WannaCry ransomware looks like.png

“This attack was not specifically targeted at the NHS and is affecting organizations from across a range of sectors,” the NHS said in a statement. “Our focus is on supporting organizations to manage the incident swiftly and decisively.” 

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering significantly reduces the risk of new variants of malicious email from entering your network.

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update, or follow us on Twitter @MailGuard.

Keep Informed with Weekly Updates

 

^ Back to Top