WannaCry (2017)

Wiki article →Data →

WannaCry was a worm-propagating ransomware attack on May 12, 2017, exploiting the EternalBlue SMB vulnerability leaked from the NSA by the Shadow Brokers. It infected over 200,000 computers across 150 countries within hours and was attributed by the U.S., UK, Australia, Canada, New Zealand, and Japan to North Korea's Lazarus Group. Although the kill switch discovered by Marcus Hutchins limited propagation, the attack severely disrupted the UK's NHS (cancellation of ~19,000 appointments), affecting healthcare delivery for several days.

Details

Date

May 12, 2017

Attribution

Lazarus Group (DPRK)

AI involvement

none

Initial vector

EternalBlue SMB exploit (NSA-leaked)

Estimated total damages

~$4B globally (low ~$1B, high ~$8B)

Notable victims

UK NHS, Telefónica, FedEx, Renault, Deutsche Bahn

Related Wiki Pages

Top Related Pages

Event

WannaCry (2017)

Details

Related Wiki Pages

Top Related Pages

Change Healthcare (2024)

Colonial Pipeline (2021)

CDK Global (2024)

Indiana AI Healthcare Disclosure

Tags