All Information About WannaCry Virus [Updated 2024]

Jerry updated on Jan 31, 2024 | Home > Knowledge Center

What Is WannaCry Virus?

WannaCry virus

WannaCry, also known as WannaCypt and Wanna Decryptor, represents one of the worst computer viruses in the 21st century. It is a crypto-ransomware worm that can spread from computer to computer. WannaCry Virus attack targets computers running the Microsoft Windows operating system, encrypts valuable data, including files, images, documents, and videos on your computer, and holds them hostage to demand ransom payments of $300 and later $600 in the Bitcoin cryptocurrency. 

How Does WannaCry Ransomware Work?

The WannaCry Virus took advantage of the vulnerabilities in the Microsoft Windows operating system to gain the ability to spread automatically. As a result, it could infect all computers in a system within hours. 

Besides, EternalBlue was also to blame. WannaCry Virus spread like wildfire using EternalBlue, an exploit leaked from National Security Agency (NSA). Before the WannaCry ransomware attack began, Microsoft had released a security patch for that exploit. Unfortunately, many individuals and organizations did not install the patch. As a result, they were left exposed to the attack.

Once WannaCry Virus was on a computer system, it searched for dozens of file types, such as Microsoft Office files, pictures, videos, and documents. Then, it would execute a routine to encrypt the data, which could only be decrypted by using an externally delivered digital key. Finally, the suffix of encrypted files would be changed to WNCRY, and the blackmail dialog box would pop up on the computer desktop for demanding payment of a ransom in the Bitcoin cryptocurrency for their return. 

However, even if the victims paid the ransom, the hackers did not release their computers or decrypt their data. 

how WannaCry ransomware works

Why Is WannaCry Virus So Successful?

WannaCry Virus infected hundreds of thousands of computers in more than 150 countries in just a few hours. The reasons why it achieved such success are listed below.

Firstly, WannaCry Virus was a kind of worm-like ransomware. That's to say, its worm could propagate itself and delete files on computers without human intervention. Secondly, some lazy computer users did not update their computer's operating system in time. Thirdly, victims clicked on the link in the email. It is believed that ransomware sometimes is caused by spam and phishing emails. 

What Is the Impact of the WannaCry Attack?

map of countries affetced by WannaCry attack

The WannaCry attack took place on May 12, 2017, in Asia and went viral globally. The WannaCry Virus was undoubtedly a global Internet virus, causing considerable losses to many people from all walks of life, especially in the field of finance, energy, and healthcare. 

The WannaCry Virus attack, unprecedented in scale, made a profound impact on organizations, infecting more than 200,000 computers in over 150 countries and causing billions of dollars in damage. Besides, it also exerted considerable influence on healthcare organizations. A case in point was that U.K.'s National Health Service bore the brunt. The WannaCry Virus affected large manufacturers, such as TSMC, Boeing, FedEx, etc. Some universities in China were inevitably influenced by the Virus.

Is WannaCry Virus Still a Threat?

WannaCry Virus and its variants remain a threat to computers if you fail to update your Windows operating system to ensure you have the latest security patch. It is also a threat to many companies if they fail to patch their systems. However, it is not in dispute that the influence of the WannaCry Virus is diminishing with the development of new technology. 

How to Defend Against Ransomware like WannaCry Virus

Now, we have gotten intimate knowledge of the destructiveness of the WannaCry Virus. Fortunately, we can take many cybersecurity steps to help defend against a ransomware attack.

For individuals, the ways to protect you from ransomware can be:

  • Update your software and operating system regularly;
  • Use anti-virus or anti-malware software;
  • Do not click on suspicious links;
  • Never open an untrusted email attachment; and 
  • Do not download software from untrusted websites.

For businesses or organizations, the ways to defend against ransomware can be:

  • Use cybersecurity software that can help detect and block ransomware threats;
  • Keep anti-malware and firewall software up to date;
  • Train the staff to keep an eye out for phishing emails or watering hole attacks;
  • Make a backup of your data frequently; and 
  • Plug exploits by regularly checking for security updates.

In this article, you can get more information about free virus removal software for computers.

Was This Page Helpful?


Updated by Jerry

"I hope my articles can help solve your technical problems. If you are interested in other articles, you can check the articles at the bottom of this page, and you can also check my Facebook to get additional help."

Read full bio

Totalav antivirus software