From May 12, more than 200,000 computer systems worldwide have been attacked by WannaCry, the most serious global ransomware infection in history. However more and more network security experts start to agree that the global network security crisis seems a joke, its creator isn't so clever as people think, and committed a chain of low-level errors.
It's said that the WannaCry get something leaded from the National Security Agency (NSA) , its code writers actually did as or by way of amateur, they expect money but have few profit up to now. Probably they gain nothing except be in jail.
When WannaCry controls computer, users' computer screen will be locked, you need to pay the value of 300 US dollars in order to decrypt the recovery of documents, otherwise computer files will be deleted. However, as of May 15, the world has more than 200,000 systems have been blackmailed, but the suspect received only about $ 55,000 worth of ransom.
The virus author set a Kill Switch by design in case they need to terminate the virus spread. The Kill Switch is to try a non-exist domain, as long as the domain is registered, the attack will stop. The Kill Switch is so plain that a 22-year-old British security researcher got it quickly and just spent $10.69 to register the domain name. The domain actually brakes the spread of the mass virus worldwide.
The ransomware's payment rate is very low. As Craig Williams, a Cisco security researcher, pointed that even if compared with the small-scale blackmail, the profit margins of this ransomware may be the lowest we have ever seen.
Because it became infamous over one night, the common opinions from either government or public have never encouraged victims to pay such ransom. This strongly blocks the willings of victims to give up to cybercrime. On the other hand, the ransomware cannot really recognize whether a victim pays ransom or not. It means that even if the victim paid the ransom, he or she cannot restore files too. Both code analyze and fact prove that the ruined files cannot be restored. In such a not "trustworthy" case, criminals only cheated $55,000 ransom.
Bitcoin is another defeat in the ransomware. A very low ratio of people heard this money, a few of them have real experience to transact with it. Besides, some countries forbidden it totally. The suspects ask for such a special money Bitcoin in a ransomware that targets all countries and common users. Clever? The result lets people doubt them.
The worse thing is the hackers may see the $55,000 but they hardly have chance to transfer it to real world. The ransom account is monitored already. This is why we can sum how much the ransomware makes. Bitcoin may help hackers receive money safely, but only if they try to exchange it to USA dollar or any other real bill, they will be uncovered. Even they transfer the money among accounts inside Bitcoin, they are possibly exposed too. It seems the hackers design "escape route" in very hasty.
However, some experts said that although the WannaCry isn't very smart, but it will inspire more imitators, especially those who are better technology, more professional. If this tool is used by them, the consequences will be disastrous. It indeed rises a new form of cybersecurity threat.