X

Seven things we learned about WannaCry

The cyberattack is one of the worst of its kind in history, disrupting businesses, hospitals and government agencies. Here's everything we know so far.

Ian Sherr Contributor and Former Editor at Large / News
Ian Sherr (he/him/his) grew up in the San Francisco Bay Area, so he's always had a connection to the tech world. As an editor at large at CNET, he wrote about Apple, Microsoft, VR, video games and internet troubles. Aside from writing, he tinkers with tech at home, is a longtime fencer -- the kind with swords -- and began woodworking during the pandemic.
See full bio
Ian Sherr
3 min read
Padlock on a computer keyboard
Enlarge Image
Padlock on a computer keyboard

WannaCry is one of the biggest cyber attacks ever.

 Getty Images

How much worse can all this hacking get?

This past week saw one of the worst cyberattacks ever, striking hospitals and businesses around the world. The attack encrypted -- or scrambled -- the files on more than 300,000 computers in 150 countries, and demanded victims pay ransom of at $300.

Here are the things we've learned so far.

There was lots of warning

This hack stemmed from a vulnerability that was discovered in Microsoft 's Windows software that powers most of the worlds PCs. It was originally discovered by the National Security Agency , whose files last month were leaked onto the internet by a group known as Shadow Brokers.

Microsoft had already sent a security update to PCs running newer versions of Windows, such as Windows 10 , in March. The company also sent statements to the press that anyone running the latest updates should be protected.

A lot of people don't update their computers

More on WannaCry

Yet, despite Microsoft's warnings and the publicity around the Shadow Brokers hack, it appears many people were still vulnerable.

One of the primary reasons was that large organizations, such as hospitals and schools, are often slow to update their computers to the latest software. They often spend months evaluating how these updates will affect their systems and finding fixes. That all makes sense, but it's also leaving them open to attack.

The other thing we were reminded about is how few people are running Windows 10, which was first released in 2015. Surveys by NetMarketShare, which tracks information about computers around the world, indicate nearly half of computers out there are powered by Windows 7 , which was first released in 2009. Microsoft released a fix for that too in March.

But more than 7 percent of the world's computers are powered by Windows XP, which Microsoft didn't offer a fix for until last week, after the attack began to spread. Additionally, there's now a report that Microsoft held back this fix until the attack began spreading, choosing instead to demand hefty fees from businesses to send them the security update.

There's plenty of blame to spread around

It's easy to blame Microsoft, saying it should do more to protect the millions of computers powered by its software.

Watch this: Why the WannaCry cyberattack is so bad, and so avoidable

It's also easy to blame those IT departments at various hospitals, companies and schools around the world because they don't update the computers they manage quickly enough.

The NSA is also to blame, since it had originally found the vulnerability but then chose not to inform Microsoft. The reason it did that was so it could have a secret weapon of sorts to use against terrorists or to help with surveillance, just like the FBI ultimately did to hack into the iPhone used by one of the San Bernardino shooters. Microsoft in particular criticized this approach, saying it leaves us all less safe.

By the way, the CIA and other intelligence agencies are also known to stockpile vulnerabilities instead of alerting tech companies so they can be fixed.

Some people are paying the ransom

In the meantime, it turns out people are paying the roughly $300 (later $600) ransom, so far sending as much as $87,105 to the criminals behind the hacks.

Pretty much everyone says you shouldn't pay

That said, pretty much everyone, from the FBI to the Department of Justice to tech experts, says you should avoid paying. And there are plenty of reasons, not the least of which, the DOJ says, is that criminals have targeted previous victims hoping they'll pay again.

This attack will continue for a while

This is perhaps the most frustrating part of WannaCry. Because it spreads through file-sharing technology built into the Windows software that powers most of the world's PCs, and because people are slow to update their computers, it's likely we'll be feeling the reverberations of this attack for some time.

On the plus side, researchers are beginning to potentially find fixes for it, so this whole thing may be close to finally ending.

The hackers say more is coming

The Shadow Brokers, the hackers behind the NSA leak that arguably helped kick off this mess, say they have more unreleased hacking tools. The group said that starting in June, it will begin a "Data Dump of the Month" service. Think of it as a wine of the month club -- except, y'know, less fun.

It's Complicated: This is dating in the age of apps. Having fun yet? These stories get to the heart of the matter.

Tech Enabled: CNET chronicles tech's role in providing new kinds of accessibility.