Here is a brief report on the WannaCry ransomware attack: Overview of the attack: What happened? The WannaCry ransomware attack, which began on May 12, 2017, was a global cyberattack that encrypted data on computers running Microsoft Windows and demanded ransom payments in Bitcoin. It exploited a vulnerability in the Server Message Block (SMB) protocol. Who was targeted? The attack targeted organizations and individuals worldwide, affecting over 200,000 computers in 150 countries. Notable victims included the UK's National Health Service (NHS), FedEx, Telefónica, and various government agencies and corporations. Type of attack vectors with specific examples. The primary attack vector was the EternalBlue exploit, a vulnerability in Microsoft's SMB protocol, which allowed the ransomware to spread rapidly across networks. WannaCry also had worm capabilities, meaning it could self-propagate from one vulnerable computer to another without user interaction once it gained initial access to a network. Impact: Financial, reputational, operational, etc. The impact was severe: Operational*: Significant disruption to critical services, especially in healthcare, leading to canceled appointments and operations. Manufacturing plants and transportation systems were also affected. Financial*: Estimated damages ranged from hundreds of millions to billions of dollars globally due to lost productivity, recovery costs, and system downtime. Reputational*: Affected organizations faced public scrutiny and loss of trust due to data unavailability and service interruptions. How was it solved? The rapid spread of WannaCry was significantly slowed by a security researcher who discovered and activated a "kill switch" domain embedded in the malware. Microsoft also released emergency security patches for older, unsupported Windows versions to mitigate the vulnerability. Organizations focused on isolating infected systems, applying patches, and restoring data from backups. Lessons learned from the attack. Key lessons included the critical importance of patch management and regularly updating software to protect against known vulnerabilities. It highlighted the necessity of robust backup and recovery strategies to minimize data loss and downtime. The attack also underscored the need for network segmentation and strong cyber hygiene practices across all organizations. That's 2 down. 3 left today — send the next one.