Ransomware is malware that locks and disables a user’s computer system and demands ransom in order for the user to regain access to their computer and the files on it. Kurt Baumgartner, a security researcher at Kaspersky Lab, told The AP ransom demands start at $300 and two hours later, increasing to $400, $500 and $600.
This image provided by the Twitter page of @fendifille shows a computer at Greater Preston CCG as Britain's National Health Service is investigating "an issue with IT" Friday May 12, 2017. Several British hospitals say they are having major computer problems Hospitals in London, northwest England and other parts of the country are reporting problems with their computer systems as the result of an apparent cyberattack. (@fendifille via AP)
How does the ransomware attack happen?
The attack exploited a vulnerability in Microsoft Windows that was patched in March but not on machines that had not been updated or patched, according to NPR. It then prompts the pop ups that tells the user their files are encrypted and can be unencrypted if they pay ransom money. Once one computer is affected, the malware spreads itself across the network.
How can future attacks be prevented?
Updating computer operating systems when prompted and maintaining up-to-date software is the best bet against ransomware attacks. Many groups were affected by the attacks because machines had not had updated versions of Windows or had versions that Microsoft was no longer offering patches for.