‘WannaCry’ Ransomware News: Could Worsen On Monday, Authorities Say Don’t Pay Ransom

Approximately 200,000 computers in at least 150 countries were infected with the ransomware known as ‘WannaCry’ on Friday, May 12. The malware, which can only affect a computer if it is on, may spread further on Monday as people return to work.

‘WannaCry’ works by encrypting files in the computer and demanding a ransom of $300 in order to recover the files. If the ransom is not paid after three days, it will double to $600. After seven days without a payment, the malware threatens that “you won’t be able to recover your files forever.”

Marcus Hutchins, a 22-year-old employee of MalwareTech, has managed to halt the spread of the malware after registering a domain name to track the virus’ spread. Unfortunately, two new variations of the virus were spotted on Monday.

Like a physiological virus, ‘WannaCry’ uses each infected computer as a host to find another within the same network. Older Microsoft systems, including outdated Windows XP and Windows 2003, have proven to be the systems most affected by the hack – small companies who haven’t found a need to update security measures are at a high risk of infection.

The UK’s National Health Service was hit badly by the ransomware on Friday and is still suffering greatly from the spreading attack. Other countries and companies affected in a major way include FedEx, Russia’s interior ministry, Japanese companies Hitachi and Nissan and Renault, the French automobile manufacture. Not a single continent was spared from the attack, save for Antarctica.

While the perpetrators have yet to be identified, authorities across the globe are urging that those experiencing the attack not pay the ransom. Europol, the law enforcement agency of the European Union, said in a statement that there is no evidence that files will be returned after a payment is made. Making the payment, they say, just proves the malware to be effective.

“As a result [of payment], cybercriminals will continue their activity and look for new ways to exploit systems that result in more infections and more money in their accounts,” Europol said in a statement.

Despite the reach of the malware, experts say the hackers have only made around $51,000 as of Monday, the day that the ransom doubles (if the computer was infected on Friday). And while the hackers haven’t made the fortune they may have envisioned, cybersecutiry companies have – as of Monday morning, cybersecurity stocks saw a major boost.

Microsoft president Brad Smith says the hack was made possible by leaked information collected by the NSA.

“We have seen vulnerabilities stored by the CIA show up on Wikileaks, and now this vulnerability stolen from the NSA has affected customers around the world,” Smith said in a statement. “An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen.”

If your computer is affected, Microsoft has made the MS17-010 patch available for download. The patch may be able to help restore your files and stop the malware.