The Mystery of Wannacry Ransomware Attack Explained

On the fateful day of 12th May, 2017, a worldwide cyber attack, popularly known as; Wannacry Ransomware, plagued the computer networks of multiple corporate entities, healthcare organisations and government agencies. The data of the victims was encrypted and original files were deleted from the systems, rendering the encrypted files useless.

If Ransomware has hit your system, the wallpaper of your system will be changed and will be replaced by an image that says: “Oops! Your files have been encrypted”, followed by a notification that displays information which comprises of the following queries and their answers:

  1. What has happened to my computer?
  2. Can I recover my files?
  3. How Do I pay?

On the left side of the notification bar, a timer is activated which gives the victim a duration of 72 hours to pay ransom amount of $300 in bitcoin, which is the crypto currency. To make matters worse, if the payment isn’t made within due time, the price is doubled.

What Brought on the Attack?

Two reasons have been attributed to this global phenomenon, which transcended the political boundaries and caused mayhem across the globe:

Use of Outdated Versions of Microsoft Windows:

The virus exploits a bug in outdated versions of Microsoft’s Windows operating system i.e. Windows XP and Windows 8. Ransomware attack was a ticking bomb which finally exploded on May 12th as a lot of corporate businesses, healthcare systems and government sectors from across the world were running on outdated Windows XP which had not been upgraded in due course of time.

Window 8 is also prone to being attacked by cyber criminals as it is missing a crucial patch which provides safety to the operating systems against cyber-attacks. Hardware machines like ATMs, medical equipment like microscopes, MRI machines & X-ray machines etc. also operate on outdated version of Microsoft windows. Unfortunately, window upgrades for software deployed in hardware equipment haven’t been rolled out yet, making them more susceptible to cyber-attacks.

Hacking Tools of Intelligence Agencies Fell in The Wrong Hands

It is hardly a secret that the National Security Agency of USA other countries have access to such hacking tools which can access even the most confidential and secure cyber data. Whereas the cyber criminals remain untraceable, evidence has been found that the powerful cyber weapons of spy agencies fell in the hands of cyber criminals. When cyber spying, National Security Agencies usually take the offensive approach and exploit all means of getting access to confidential information. In doing so, intelligence agencies have created dangerous hacking weapons. To ensure the non-proliferation of hacking tools is usually not the top agenda of intelligence agencies. Hence, anonymous hackers have got access to these tools and have created havoc across the globe.

 Prevention & Remedy:

In the face of the recent wave of cyber terrorism, the following steps should be taken for prevention and remedy:

  1. Up gradation to windows 10 and above systems
  2. Backup data on regular basis – Cloud recommended
  3. Deployment of IT management solutions like Evershield which will provide protection from future cyber-attacks. Evershield ensures that the operating systems are constantly up graded, provides managed backups for healthcare institutes, in case the data falls prey to cyber encryption, and delivers managed security with full reporting and support.


For more information email us at


You may also like