20 May, 2017
That quick thinking may have saved governments and companies millions of dollars and slowed the outbreak before US-based computers were more widely infected.
In each case, a pop-up window demanded payments of $300, or about 2,000 yuan, in order to free the files. That's why it's called ransomware. Experts say this vulnerability has been understood for months, yet too many groups failed to take it seriously.
The malware behind WannaCry (also called WannaCrypt, Wana Decryptor or WCry) was reported to have been stolen from the NSA in April.
Microsoft released a security patch for the vulnerabilities in March.
Companies and institutions are often slow to update their computers because it can screw up internal software that is built to work with a certain version of Windows. Because many of the affected computers run older Windows systems like XP, Microsoft issued a rare patch for XP, which it had stopped updating more than three years ago.
The attack, already believed to be the biggest online extortion scheme ever recorded, is an "escalating threat" after hitting 200,000 victims across the world since Friday, according to the head of Europol, Europe's policing agency.
The effects were felt across the globe, with Britain's National Health Service, Russia's Interior Ministry and companies including Spain's Telefonica, FedEx Corp. in the USA and French carmaker Renault all reporting disruptions.
In the United Kingdom, hospitals were crippled by the cyberattack, which forced operations to be canceled and ambulances to be diverted.
Anyone who hasn't updated their Windows PC recently.
Infected computers appear to largely be out-of-date devices that organizations deemed not worth the price of upgrading or, in some cases, machines involved in manufacturing or hospital functions that proved too hard to patch without possibly disrupting crucial operations, security experts said. In an interview on ABC's "This Week", Clapper said the worry was "this ransomware attack will be even larger" as people return to their desks after the weekend. Bad guys generally target Windows far more than Apple's operating system because there are vastly more computers running Windows around the world.
President Donald Trump on Friday night ordered his homeland security adviser, Tom Bossert, to convene an "emergency meeting" to assess the threat posed by the global attack, a senior administration official told Reuters.
The 22-year-old researcher known as "MalwareTech", who wanted to remain anonymous, said he spotted a hidden web address in the "WannaCry" code and made it official by registering its domain name.
New versions of the worm are expected, they said, and the extent - and economic cost - of the damage from Friday's attack were unclear. Patched computers carry a much lower risk of being infected by malware or ransomware than those without an update.
When the National Security Agency lost control of the software behind the WannaCry cyberattack, it was like "the US military having some of its Tomahawk missiles stolen", Microsoft President Brad Smith says, in a message about the malicious software that has created havoc on computer networks in more than 150 countries since Friday.
Experts say the spread of the virus had been stymied by a security researcher in the United Kingdom, but hackers have issued new versions of the virus that cyber security organizations are actively trying to counter and stamp out.
Worse, the malware was able to create so much chaos because it was designed to self-replicate like a virus, spreading quickly once inside university, business and government networks.