Cyberattacks seem to be growing not only in sophistication, but in reach, and over the weekend the largest such attack occurred. Thousands of computers in hundreds of countries worldwide were infected by a strain of ransomware dubbed “WannaCry” (also referred to as “WanaCrypt”). The attack began on Friday and spread steadily through the weekend, slowing down (but not stopping completely) on Monday. It is still unclear exactly how many individual systems were affected and what the total cost will be for cleaning up the mess caused by this global cyberattack, but it’s certainly clear that this kind of widespread attack, which we’ve seen before, has the potential to become commonplace. How can you protect yourself? Keep reading to find out, plus learn all the details you need to know about how this attack worked and who it impacted.

How did this global cyberattack work?

If you’re familiar with ransomware, then you know that typically these malicious programs work by taking over a person’s computer or Internet-connected device and encrypting some — or all — of the files on it. The user is then presented with a screen demanding a ransom be paid in order to get their files back. Failure to pay the ransom within a specific time frame will result in total destruction of the encrypted files. While it is possible in many cases to get rid of ransomware without paying, it might come at the cost of losing any files that aren’t backed up.

What made this particular ransomware unusual is that it was designed to take advantage of a vulnerability in the Microsoft Windows Server Message Block (SMB) service, which is used by Windows computers to share files and printers across a network. Because the flaw sits in this file-sharing service, it was used to spread the ransomware rapidly from computer to computer within a single network, infecting computers faster than many other ransomware programs have been noted to do in the past and facilitating a global cyberattack. Fortunately, a British security researcher stumbled upon a “kill switch” that disabled the ransomware late on Friday, May 12, slowing the spread considerably.

Who was impacted?

All in all, approximately 220,000 systems across 153 countries had been impacted as of Monday, May 15. However, since many computer systems were shut down over the weekend, it’s possible that this number will rise as more companies discover infections when employees return to work and disclose them after eradicating the ransomware from their systems. This global cyberattack hit manufacturers, schools, government agencies, hospitals and more. Some of the more notable targets include the United Kingdom’s National Health Service (NHS), FedEx, Nissan, Russia’s Central Bank, universities in China and railway services in both Russia and Germany. A map from The Wall Street Journal shows that the U.S. was not nearly as hard hit as other countries, particularly Russia and China. Thus far, it’s been estimated that the direct cost of these attacks totals $8 billion.

What can we learn from this and other attacks?

The global nature of this cyberattack is chilling, especially since it brought about real-world consequences beyond money and time lost. Many hospitals in the UK were forced to turn away patients and reschedule surgeries due to downed computer systems, which could have potentially put lives at risk. This is far from the first time hospitals have been the targets of ransomware, but it’s one of the most wide-reaching instances so far. Many lives were at risk of disruption, too, since several railways were targeted in different countries, and plenty of companies and their employees are losing time and money while the ransomware is removed from their computer systems and necessary security upgrades are made. What can the average person take away from all of this?

1. Upgrades are important. The exploit used to launch this global cyberattack is one that was patched by Microsoft two months ago in March. Many of the organizations and individuals who fell victim were ones that had neglected to install the patch at the time, and still others are using outdated operating systems such as Windows XP that are no longer being supported by Microsoft. It’s vital that you update your devices and software as soon as possible when updates are available. Additionally, if you are using older software or an older operating system, consider upgrading to keep your important files protected; this is especially vital for small businesses, which are often the most vulnerable to cyberattacks due to limited funds for upgrades and security.

2. These kinds of attacks are unlikely to stop anytime soon. What cyberattacks like this show is just how unprepared and unprotected so many companies are when it comes to cybersecurity. Updating systems can be time-consuming and expensive, so all too often necessary updates are ignored. That was the case for the NHS: the patch that would have protected many of those who were infected with this ransomware was sent to all hospitals in the system. While the world at large scrambles to catch up and secure its systems, it’s important for everyday people to do their due diligence to protect themselves and their data. Make it a habit to back up your files and records, as ransomware can and does target individuals as well as businesses.

Although you can’t completely protect yourself, staying in the know about what’s happening and what you can do about it is a great first step.