The WannaCry Attack
Contents
The WannaCry Attack
Derek D’Souza, A01266791
Computing, British Columbia Institute of Technology
COMP 7003: Introduction to Information and Network Security
Ashkan Jangodaz
January 20, 2025
Abstract
The WannaCry worm and ransomware attack was launched on May 12, 2017, infecting over 200,000 Microsoft Windows devices across 150 countries. Disrupting sectors like healthcare, transportation, and manufacturing, with damages up to $4 billion. WannaCry’s NSA-developed exploit, EternalBlue exploited vulnerabilities in Microsoft Windows Server Message Block version 1 (SMBv1). WannaCry encrypted victims’ files, demanding a starting ransom of $300 USD in bitcoin, but was unprofitable due to operational flaws, and the discovery of a kill switch by ex-hacker and cybersecurity researcher Marcus Hutchins. The attack calls into question nation-state stockpiling of cyberweapons, reliance on outdated systems, and the alleged involvement of the DPRK’s Lazarus Group. This essay explains how WannaCry works to a non-cybersecurity audience, and endorses Microsoft’s call for a “Digital Geneva Convention” to prevent future misuse of cyberweapons.
Introduction
For approximately …
Derek D’Souza, A01266791
Computing, British Columbia Institute of Technology
COMP 7003: Introduction to Information and Network Security
Ashkan Jangodaz
January 20, 2025
Abstract
The WannaCry worm and ransomware attack was launched on May 12, 2017, infecting over 200,000 Microsoft Windows devices across 150 countries. Disrupting sectors like healthcare, transportation, and manufacturing, with damages up to $4 billion. WannaCry’s NSA-developed exploit, EternalBlue exploited vulnerabilities in Microsoft Windows Server Message Block version 1 (SMBv1). WannaCry encrypted victims’ files, demanding a starting ransom of $300 USD in bitcoin, but was unprofitable due to operational flaws, and the discovery of a kill switch by ex-hacker and cybersecurity researcher Marcus Hutchins. The attack calls into question nation-state stockpiling of cyberweapons, reliance on outdated systems, and the alleged involvement of the DPRK’s Lazarus Group. This essay explains how WannaCry works to a non-cybersecurity audience, and endorses Microsoft’s call for a “Digital Geneva Convention” to prevent future misuse of cyberweapons.
Introduction
For approximately …