A cyberattack is currently hitting countries from Great Britain to Russia, affecting hospitals, businesses, and home computers.
The attack, also known as WannaCry, has reportedly affected over 200,000 businesses across 150 countries since initially being reported on Friday. In Great Britain alone, 16 National Health Service hospitals were hit.
The number of those affected is likely to grow as more victims come forward and similar mutations to WannaCry begin to find their way into networked systems. As of the morning of May 16, upwards of 275 victims of WannaCry had paid a combined total of over $78,000 in ransom.
WannaCry is being described as a “ransomware” attack—a cyberattack that locks out computer users until a ransom is paid.
WannaCry exploits old, un-updated Microsoft operating systems by automatically encrypting files until at least one bitcoin—a digital currency equal to roughly $300—is paid. Ransom messages appeared in 28 different languages to those who were infected.
Despite releasing patches for this vulnerability in March, hackers were still able to exploit those computers that remained un-updated.
Other variations of the WannaCry ransomware are likely to appear as the vulnerability to Microsoft has now been confirmed.
The vulnerability, known as EternalBlue, was made public after a batch of National Security Agency cybertools were reportedly leaked in April. Despite Microsoft ending software support for the its XP almost three years ago, it’s considering offering additional patches to XP, Windows 8, and Windows Server 2003, though the damage from WannaCry is still done.
Windows XP remains one of the most widely used operating systems in the world. Russia, Ukraine, India, and Taiwan are reportedly the most affected by number of attacks.
Last year, there were still reportedly over a 100 million XPs still in use, with millions still connected to the internet.
Not 24 hours after the first reports of WannaCry infections, a security expert known only as MalwareTech discovered that WannaCry filtered through an unregistered domain.
After spending about $11 to purchase the domain, MalwareTech had essentially stopped the spread of the virus—though this did not help those already infected by WannaCry.
There are generally three possible responses to a ransomware attack: pay the ransom (which is almost never recommended), figure out the decryption key, or throw the system out altogether and rely on backups.
There is no single government policy that can mitigate the threat of ransomware. Most of the defense against such attacks comes in its prevention.
This includes making sure software is downloaded from a legitimate source and remains up to date. It also includes making sure users maintain good cyber hygiene, such as refraining from opening suspicious emails and downloading anything suspicious.
As the scope and cost of ransomware continue to grow, several states have passed or introduced legislation to increase the penalties for ransomware.
Last September, California signed into law Senate Bill 1137 that made ransomware punishable for up to four years in jail. In February, Maryland introduced Senate Bill 405, which planned to penalize cyber extortion with up to 10 years in prison or a $10,000 fine.
The magnitude of WannaCry’s impact will likely lead to an international response. The U.S. and its international partners like Europol are already working on ways to decrypt victims from WannaCry.
Domestically, and going into the future, the best thing policymakers can do is make sure their own systems are up to date, and advocate that users do the same.
But don’t be surprised to see ripple effects of these attacks months from now. Remember that bad guys are online too, and that you need to make sure you and your family’s information is secure.
Good cyber hygiene includes having strong passwords, two-factor authentication, and not putting too much personal information online that could lead to future scams. Prevention is always the best defense.
Note: This article has been corrected to clarify that the amount of the ransom price set by the WannaCry cyber malware is different than the value of one bitcoin.