Skip to main content
Redhat Developers  Logo
  • Products

    Featured

    • Red Hat Enterprise Linux
      Red Hat Enterprise Linux Icon
    • Red Hat OpenShift AI
      Red Hat OpenShift AI
    • Red Hat Enterprise Linux AI
      Linux icon inside of a brain
    • Image mode for Red Hat Enterprise Linux
      RHEL image mode
    • Red Hat OpenShift
      Openshift icon
    • Red Hat Ansible Automation Platform
      Ansible icon
    • Red Hat Developer Hub
      Developer Hub
    • View All Red Hat Products
    • Linux

      • Red Hat Enterprise Linux
      • Image mode for Red Hat Enterprise Linux
      • Red Hat Universal Base Images (UBI)
    • Java runtimes & frameworks

      • JBoss Enterprise Application Platform
      • Red Hat build of OpenJDK
    • Kubernetes

      • Red Hat OpenShift
      • Microsoft Azure Red Hat OpenShift
      • Red Hat OpenShift Virtualization
      • Red Hat OpenShift Lightspeed
    • Integration & App Connectivity

      • Red Hat Build of Apache Camel
      • Red Hat Service Interconnect
      • Red Hat Connectivity Link
    • AI/ML

      • Red Hat OpenShift AI
      • Red Hat Enterprise Linux AI
    • Automation

      • Red Hat Ansible Automation Platform
      • Red Hat Ansible Lightspeed
    • Developer tools

      • Red Hat Trusted Software Supply Chain
      • Podman Desktop
      • Red Hat OpenShift Dev Spaces
    • Developer Sandbox

      Developer Sandbox
      Try Red Hat products and technologies without setup or configuration fees for 30 days with this shared Openshift and Kubernetes cluster.
    • Try at no cost
  • Technologies

    Featured

    • AI/ML
      AI/ML Icon
    • Linux
      Linux Icon
    • Kubernetes
      Cloud icon
    • Automation
      Automation Icon showing arrows moving in a circle around a gear
    • View All Technologies
    • Programming Languages & Frameworks

      • Java
      • Python
      • JavaScript
    • System Design & Architecture

      • Red Hat architecture and design patterns
      • Microservices
      • Event-Driven Architecture
      • Databases
    • Developer Productivity

      • Developer productivity
      • Developer Tools
      • GitOps
    • Secure Development & Architectures

      • Security
      • Secure coding
    • Platform Engineering

      • DevOps
      • DevSecOps
      • Ansible automation for applications and services
    • Automated Data Processing

      • AI/ML
      • Data Science
      • Apache Kafka on Kubernetes
      • View All Technologies
    • Start exploring in the Developer Sandbox for free

      sandbox graphic
      Try Red Hat's products and technologies without setup or configuration.
    • Try at no cost
  • Learn

    Featured

    • Kubernetes & Cloud Native
      Openshift icon
    • Linux
      Rhel icon
    • Automation
      Ansible cloud icon
    • Java
      Java icon
    • AI/ML
      AI/ML Icon
    • View All Learning Resources

    E-Books

    • GitOps Cookbook
    • Podman in Action
    • Kubernetes Operators
    • The Path to GitOps
    • View All E-books

    Cheat Sheets

    • Linux Commands
    • Bash Commands
    • Git
    • systemd Commands
    • View All Cheat Sheets

    Documentation

    • API Catalog
    • Product Documentation
    • Legacy Documentation
    • Red Hat Learning

      Learning image
      Boost your technical skills to expert-level with the help of interactive lessons offered by various Red Hat Learning programs.
    • Explore Red Hat Learning
  • Developer Sandbox

    Developer Sandbox

    • Access Red Hat’s products and technologies without setup or configuration, and start developing quicker than ever before with our new, no-cost sandbox environments.
    • Explore Developer Sandbox

    Featured Developer Sandbox activities

    • Get started with your Developer Sandbox
    • OpenShift virtualization and application modernization using the Developer Sandbox
    • Explore all Developer Sandbox activities

    Ready to start developing apps?

    • Try at no cost
  • Blog
  • Events
  • Videos

WannaCry Ransomware: Who It Affected and Why It Matters

May 19, 2017
Samantha Donaldson
Related topics:
Security
Related products:
Red Hat OpenShift

Share:

    Technology is an ever-expanding market full of opportunity and dedicated to making our lives more convenient and advanced in the process. Countless companies across the world have recognized the power in embracing technology to survive and prosper and, with this being said, the world has never been more advanced than it is today — with a future as bright as the people creating it. Furthermore, although many people believe that the modern generation is completely out of their minds and “lazy”, what they do not realize is that this form of innovation and free thinking is exactly what makes these “digital natives” so similar to their ancestors of the Industrial Revolution before them.

    However, with every great thing comes risk and, for the tech industry as a whole, this risk comes not only in the form of the sometimes dangerous advancements they provide our world with but also in the form of the people who hope to tear them down piece by piece. These people who hide in the shadows of technology and deploy their code maliciously are often referred to as hackers, and their need to destroy companies and make money off others is exactly why the tech industry is still fighting against the tides of change.

    With data breaches slowly rising every day, particularly in the business world, and countless businesses flourishing despite it, it’s no surprise that every hacker is working to tear apart new encryption methods and get a piece of these business giants. In turn, it is quickly becoming harder and harder to keep customer data safe in the digital world.

    However, on May 12th, one ransomware had spread so quickly and in such a way that not only the tech and business industries were affected, but even healthcare providers and average citizens found themselves completely locked out of their own computers and files likewise.

    How did WannaCry Spread So Quickly?

    WannaCry Ransomware

    Wanna Decryption, or WannaCry, is a ransomware that spread through Server Message Block (SMB) protocol, which is typically used by Windows machines to communicate with file systems over a network. In order to do this, the ransomware specifically targeted devices that had not received the MS17-010 Security Patch from Microsoft which was created to fix vulnerabilities in SMBv1. However, various companies, including Symantec, have claimed that WannaCry actually targets SMBv2 as well. With this said, you would ultimately have to be two months behind in your patch cycle in order to get hit with this ransomware.

    Once the ransomware was able to deploy itself, it began to spread to other devices within the network that also did not have the proper patches and took control of all of their files as well. According to various sources, once the files had been taken, the hackers would leave only two files left: one which would contain instructions on what had just happened and one explaining how to pay them via Bitcoin, the most dominant cryptocurrency of the internet, in order to ‘possbily’ receive their files once more.

    The hackers demanded $300 of each targeted computer and claimed that if they had not received payment in three days, the price would double. After a week, the hackers stated that they would delete all the files retrieved leaving you with nothing. Currently, it is reported that the hackers have tricked people into sending over $41,000 throughout the time the ransomware spread. According to Talos, WannaCry also doesn’t really target only valuable computers such as business computers or tech giants but rather targets anything it can get its hands on, “The file tasksche.exe checks for disk drives, including network shares and removable storage devices mapped to a letter, such as 'C:/', 'D:/' etc. The malware then checks for files with a file extension as listed in the appendix and encrypts these using 2048-bit RSA encryption.”

    With this being said, WannaCry appears to have been solely spread through SMB meaning that, in order to be hit behind a firewall, ports 139 and 445 would have to be open and the hosts would have to be listening to inbound connections as well. Once one machine behind the firewall is infected, this could rapidly spread to any other machines in the network due to it being self-propagating.

    Throughout the span of five days, the virus rapidly spread to over 150 countries and, in fact, you can see the rapid spread via this map using data compiled by Malware Tech. However, perhaps, the worst aspect of this virus was not just the people who had been infected, but rather the chaos it brought to the healthcare industry and their patients as well.

    Who did WannaCry affect?

    The truth is WannaCry did not just affect the average citizen but also gravely endangered the healthcare industry and its patients as well. The truth is that, with a rise in telemedicine in the last few years, most patient records are digital meaning that taking these files during a ransomware attack could lead to countless individuals being denied healthcare and also having their information sold on the black market likewise.

    In fact, in the UK alone, WannaCry hit 16 different hospitals, this was far from the only country affected, and the only hospitals hit likewise. During this time period, many were denied healthcare access, which is a very serious issue considering the recent research release in New York determining that a “third-wave” of asbestos-related diseases was upon us, among other things such as surgeries needing to be performed and pregnancies occurring throughout those five days. In fact, the National Health Service (NHS) says 16 of its organizations were attacked by WannaCry which resulted in doctors being locked out of patient records and forcing emergency rooms to send patients to other hospitals.

    With over 200,000 machines infected across the globe, it seemed as though this ransomware was a lost cause—that was until one young individual proved that you can be a hero without even knowing it in the blink of an eye.

    How Was This Ransomware Stopped?

    Flash over to a tiny home where a 22-year-old self-taught IT expert sits comfortably surrounded by empty pizza boxes, video games, and computer servers. Marcus Hutchins, better known as Malware Tech, is not your average IT graduate with a job in a computer shop in his hometown. Hutchins has been making a name for himself in the hacking world by teaching himself complex hacking techniques all his life.

    Although the young hacker recognizes that the skills gap is still a problem, he actually feels that universities are a joke and feels that teaching yourself is the best way to accomplish your dreams. After registering a garbled domain name hidden in the malware and halting the WannaCry ransomware attack, Hutchins claims the attack may be halted but could return if not handled properly. However, perhaps, we are in good hands, as the young hacker is now working alongside the Global Communications Headquarters (GCHQ) to prevent another attack from occurring.

    So, at the end of the day, the big question we must ask ourselves is what this means for the tech industry and how it will affect our future and our security as a whole. In truth, this ransomware attack may just lead to the future of young individuals in technology and a more secure world overall.

    Why Does WannaCry Matter to the Tech Industry?

    WannaCry may just be yet another ransomware attack and, although it was certainly the largest in history, the most important aspect of this situation is not the spread itself, but the way it was halted. With a rise in young individuals in the tech industry, it is no surprise that a young and self-taught individual is the reason the virus could not spread any further. However, this goes beyond Hutchins himself, as it means that young individuals in our world may actually be the future of security in little to no time at all.

    With Hutchins joining the GCHQ to try to prevent another massive attack, it only makes sense that this is the start of the youth joining tech giants to create a better tech industry overall. Although Hutchins may not believe in the usefulness of universities, it is highly important that our schools recognize the value of the students they are teaching and provide them with the kinds of learning environments that can ultimately help them to fill in the skills gap and change our world as a whole. For instance, by learning how to develop critical thinking in students, you can create a future generation that understands how to solve problems and work together in unique, yet ultimately more effective, ways.

    Once we have formed a future full of promising young individuals primed specifically for the tech industry, we can begin to formulate a safer work environment, minimize security risks for our companies, and focus on what we, as citizens, can do to prevent ransomware attacks such as Wanna Decryption from ever occurring again. In the end, WannaCry has opened up many important conversations and kicked the ball into high gear for security specialists across the globe, which may be more important than the attack itself as it could quite literally mean a safer and better world because of it.


    For a framework for building enterprise Java microservices visit WildFly Swarm and download the cheat sheet.

    Last updated: September 19, 2023

    Recent Posts

    • More Essential AI tutorials for Node.js Developers

    • How to run a fraud detection AI model on RHEL CVMs

    • How we use software provenance at Red Hat

    • Alternatives to creating bootc images from scratch

    • How to update OpenStack Services on OpenShift

    Red Hat Developers logo LinkedIn YouTube Twitter Facebook

    Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform

    Build

    • Developer Sandbox
    • Developer Tools
    • Interactive Tutorials
    • API Catalog

    Quicklinks

    • Learning Resources
    • E-books
    • Cheat Sheets
    • Blog
    • Events
    • Newsletter

    Communicate

    • About us
    • Contact sales
    • Find a partner
    • Report a website issue
    • Site Status Dashboard
    • Report a security problem

    RED HAT DEVELOPER

    Build here. Go anywhere.

    We serve the builders. The problem solvers who create careers with code.

    Join us if you’re a developer, software engineer, web designer, front-end designer, UX designer, computer scientist, architect, tester, product manager, project manager or team lead.

    Sign me up

    Red Hat legal and privacy links

    • About Red Hat
    • Jobs
    • Events
    • Locations
    • Contact Red Hat
    • Red Hat Blog
    • Inclusion at Red Hat
    • Cool Stuff Store
    • Red Hat Summit

    Red Hat legal and privacy links

    • Privacy statement
    • Terms of use
    • All policies and guidelines
    • Digital accessibility

    Report a website issue