Legal help for data breach compensation claims

How much did WannaCry hackers receive from their ransomware attacks?

Start Your Claim Today!

Your privacy is extremely important to us. Read how we handle your data in our Privacy Policy

When the WannaCry ransomware attack was unleashed on 12th May 2017, it was first believed that it was contained in the U.K. NHS systems – but further reports and investigations showed that the ransomware transpired to be a global epidemic, with over 150 countries affected.

The ransomware attack targeted computers running the Microsoft Windows XP operating system by encrypting data and demanding payments in Bitcoins, ranging from $300 to $600 (£233 to £466). Within a matter of hours, the ransomware had infected systems within various organisations, which included government departments.

The cyber-hackers demanded $300 (£233) in Bitcoin from PC users and victims of the hack, with the deadline to pay expiring 15th May 2017. If they didn’t, the demand rose to $600 (£466). They even took the extreme measure of threatening users that their data would be deleted indefinitely if they left it until 19th May 2017 to pay up.

Small numbers paid up…

Reportedly, only a tiny percentage of users actually gave into the ransomware demands. This could be because there are decryption tools readily available nowadays that can recover encrypted data. As of 26th May 2017, the 3 Bitcoin addresses associated with the WannaCry ransomware had reportedly pocketed around $126,968 (£98,877), according to Elliptic Enterprises Ltd, who are monitoring the cyber-criminals’ payment accounts.

This figure means that approximately 1% of victims succumbed to the ransom.

“Lower than expected”

Cybersecurity expert, Jamie Akhtar, notes the low number of victims paying the ransom, saying:

“…with over 200,000 machines affected, the figure is lower than expected.”

The figure could’ve been so much more if it wasn’t for the incidental hero who halted the attack, Marcus Hutchins.

Bolton Jiang was a victim in China who stated he had no intentions of paying the ransom. He notes:

“…even if you do pay, you won’t necessarily be able to open the files that are hit. There is no solution to it.”

Affected companies

The affected organisations included but were not limited to: FedEx, NHS, Nissan Motor Manufacturing in the U.K., Renault, Russia’s Ministry of Internal Affairs, Russian Railways and MegaFon, Romania’s Ministry of Foreign Affairs, Telenor Hungary, German railway company Deutsche Bahn, Telefonica and other large companies in Spain, several parts of the E.U., Brazil’s Sao Paulo Court of Justice and Vivo, China’s PetroChina and Public Security Bureaus, India’s Andhra Pradesh Police, Indonesia’s Dharmais and Harapan Kita hospital.

These aren’t the only affected organisations who suffered from the breach; it’s suspected there are many more across the globe.

Vulnerability of Microsoft Windows

Although there were patches to remove the vulnerabilities, Microsoft Windows note that many systems were affected as many users hadn’t updated their systems. Users using the older versions of Windows, such as Windows XP, were reportedly more vulnerable as Microsoft doesn’t have much support for outdated computing systems.

Though cybersecurity expert Mr Hutchins – aka MalwareTech – accidentally discovered the “kill switch”, he warned that it only halted the attack as the cyber-hackers could find another method to invade systems again.

Is there a way out?

Cybersecurity expert, Matt Suiche, notes in his blog that there is a potential way to decrypt systems without having to succumb to the ransom. There are of course exceptions. The technique depends on how long the cyber-hackers have hijacked the systems, and a high level of expertise is required to decrypt the computers

Mr Jiang has a point. New threats will most likely emerge soon. Another cyber-hacking group, Shadow Brokers, said that it would release more software which attacks routers, smartphones and current versions of Windows – every month. The risk is imminent and businesses need to take action.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

First published by Editor on June 13, 2017
Posted in the following categories: Hacking News and tagged with


Manchester Police fined for losing videos of violent and sexual crime victims
Yahoo exposed for not cooperating with data breach investigations
%d bloggers like this: