Ransomware Attack Does $8 Billion Worth of Damage

virus-attackLast Friday hackers launched a massive cyberattack that targeted hundreds of thousands of users and organizations in more than 150 countries. Using a “ransomware” virus called WannaCry, the malware infected computer systems by locking users out of their files and demanding money to set them free. Regardless of whether the user paid up or not, though, the virus was easily able to spread to other computers linked within the same network. Eventually one lucky researcher discovered a “kill switch” in WannaCry’s code and slowed the progress of the attack.

But the malware still had plenty of time to wreak $8 billion worth of havoc across the globe. Only a small portion of that cost came from people who paid the ransom to unlock their files. With the ransomware often demanding as little as $300, trackers say that just over $50,000 ended up in the hackers’ digital wallets. Instead, the bulk of WannaCry’s economic impact came from computer downtime. After all, companies didn’t just pay the ransom and then return to business as usual. Many remained offline for as long as 12 hours as they upgraded security systems and put other measures in place to prevent another attack.

Some companies were hit so hard that they had to stop operating altogether. The French carmaker Renault, for instance, halted production at several plants over the weekend. Meanwhile, Great Britain’s National Health Service had to turn away patients as its computer systems failed. Some hospitals still weren’t ready to operate at full capacity by Monday. Given the global impact of the WannaCry attack, investigators are desperately searching for the people responsible. The software itself was allegedly developed by the National Security Agency and then stolen by hackers who posted it online. Still, authorities do not know who spread the virus last week. Along with finding the culprits, CIOs and IT departments around the world are also updating their security procedures so that they don’t face a massive breach like this again.

Questions:

 

  1. How did the WannaCry ransomware virus cause $8 billion worth of damage?
  2. What can the WannaCry incident tell us about the importance of cyber security in today’s business world?

Source: Nick Kostov, Jeannette Neumann and Stu Woo, “Cyberattack Victims Begin to Assess Financial Damage,” The Wall Street Journal, May 15, 2017.