As the unprecedented ransomware attack known as WannaCry (or Wcrypt) unfolds, the cybersecurity community has marvelled at the inexplicable errors the malware’s authors have made.
Answers
Answer:
The WannaCry ransomware attack has quickly become the worst digital disaster to strike the internet in years, crippling transportation and hospitals globally. But it increasingly appears that this is not the work of hacker masterminds. Instead, cybersecurity investigators see in the recent meltdown a sloppy cybercriminal scheme, one that reveals amateur mistakes at practically every turn.
As the unprecedented ransomware attack known as WannaCry (or Wcrypt) unfolds, the cybersecurity community has marveled at the inexplicable errors the malware's authors have made. Despite the giant footprint of the attack, which leveraged a leaked NSA-created Windows hacking technique to infect more than 200,000 systems across 150 countries, malware analysts say poor choices on the part of WannaCry's creators have limited both its scope and profit.
Those errors include building in a web-based "kill-switch" that cut short its spread, unsavvy handling of bitcoin payments that makes it far easier to track the hacker group's profits, and even a shoddy ransom function in the malware itself. Some analysts say the system makes it impossible for the criminals to know who's paid the ransom and who hasn't.
An attack of this magnitude involving so many missteps raises plenty of questions while delivering a sobering reminder: If actual cybercriminal professionals improved on the group's methods, the results could be even graver.
Mistakes Were Made
At last count, the group behind WannaCry has earned just over $55,000 from its internet-shaking attack, a small fraction of the multimillion-dollar profits of more professional, stealthy ransomware schemes. "From a ransom perspective, it's a catastrophic failure," says Craig Williams, a cybersecurity researcher with Cisco's Talos team. "High damage, very high publicity, very high law-enforcement visibility, and it has probably the lowest profit margin we’ve seen from any moderate or even small ransomware campaign."