Wannacry
Wannacry is a form of ransomware that was used to encrypt computer files and systems in May 2017. Ransomware is the name for hostage software. After encrypting files and systems, the cybercriminals demand a ransom to make them accessible again. The attack primarily targeted businesses which is consistent with the revenue model of using ransomware. Businesses not only have important data but also the means to pay the ransom. This hostage-taking software demanded 300 Bitcoins to regain access to files and systems.
The Wannacry ransomware outbreak was one of the larger ransom attacks that infected some 200,000 unique IP addresses worldwide (in at least 150 countries). This exploited a security vulnerability in a Microsoft Windows SMB server. This security flaw allowed the attacker to take over vulnerable (read: not properly secured) machines and execute arbitrary code on them, such as ransomware.
The fact that this outbreak of Wannacry ransomware did not create more digital victims was due to a "careless mistake." After all, the software contained a "kill switch." This kill switch caused all functionality to stop. Once the ransomware is active on a machine, it attempts to connect to a .com domain. The moment a successful connection is made, the ransomware stopped working. In that case, no more files were encrypted and no other machines on the network were attacked. However, the attackers had not registered the domain name in question. A security researcher bought this domain name for about eleven dollars and neutralized the attack.
