CINXE.COM

<!DOCTYPE html> <html class="client-nojs vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-sticky-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-enabled skin-theme-clientpref-day vector-toc-available" lang="en" dir="ltr"> <head> <meta charset="UTF-8"> <title>WannaCry ransomware attack - Wikipedia</title> <script>(function(){var className="client-js vector-feature-language-in-header-enabled vector-feature-language-in-main-page-header-disabled vector-feature-sticky-header-disabled vector-feature-page-tools-pinned-disabled vector-feature-toc-pinned-clientpref-1 vector-feature-main-menu-pinned-disabled vector-feature-limited-width-clientpref-1 vector-feature-limited-width-content-enabled vector-feature-custom-font-size-clientpref-1 vector-feature-appearance-pinned-clientpref-1 vector-feature-night-mode-enabled skin-theme-clientpref-day vector-toc-available";var cookie=document.cookie.match(/(?:^|; )enwikimwclientpreferences=([^;]+)/);if(cookie){cookie[1].split('%2C').forEach(function(pref){className=className.replace(new RegExp('(^| )'+pref.replace(/-clientpref-\w+$|[^\w-]+/g,'')+'-clientpref-\\w+( |$)'),'$1'+pref+'$2');});}document.documentElement.className=className;}());RLCONF={"wgBreakFrames":false,"wgSeparatorTransformTable":["",""],"wgDigitTransformTable":["",""],"wgDefaultDateFormat":"dmy", "wgMonthNames":["","January","February","March","April","May","June","July","August","September","October","November","December"],"wgRequestId":"9bb4012c-b8bb-4bc7-8605-d779cf7ab1b2","wgCanonicalNamespace":"","wgCanonicalSpecialPageName":false,"wgNamespaceNumber":0,"wgPageName":"WannaCry_ransomware_attack","wgTitle":"WannaCry ransomware attack","wgCurRevisionId":1253376473,"wgRevisionId":1253376473,"wgArticleId":54027815,"wgIsArticle":true,"wgIsRedirect":false,"wgAction":"view","wgUserName":null,"wgUserGroups":["*"],"wgCategories":["CS1 Greek-language sources (el)","CS1 Romanian-language sources (ro)","CS1 German-language sources (de)","CS1 Spanish-language sources (es)","CS1 Slovak-language sources (sk)","CS1 Thai-language sources (th)","CS1 Japanese-language sources (ja)","CS1 Portuguese-language sources (pt)","CS1 Dutch-language sources (nl)","CS1 Hungarian-language sources (hu)","CS1 Swedish-language sources (sv)","CS1 Indonesian-language sources (id)", "CS1 Italian-language sources (it)","Articles with short description","Short description is different from Wikidata","Use dmy dates from January 2021","Use British English from February 2023","All articles with unsourced statements","Articles with unsourced statements from October 2023","Commons category link from Wikidata","2017 in computing","Cyberattacks","Cybercrime","Hacking in the 2010s","May 2017 crimes","Ransomware","Computer security exploits","Windows malware","2010s internet outages","Cyberwarfare in North Korea","Cybercrime in India"],"wgPageViewLanguage":"en","wgPageContentLanguage":"en","wgPageContentModel":"wikitext","wgRelevantPageName":"WannaCry_ransomware_attack","wgRelevantArticleId":54027815,"wgIsProbablyEditable":true,"wgRelevantPageIsProbablyEditable":true,"wgRestrictionEdit":[],"wgRestrictionMove":[],"wgNoticeProject":"wikipedia","wgCiteReferencePreviewsActive":false,"wgFlaggedRevsParams":{"tags":{"status":{"levels":1}}},"wgMediaViewerOnClick":true, "wgMediaViewerEnabledByDefault":true,"wgPopupsFlags":0,"wgVisualEditor":{"pageLanguageCode":"en","pageLanguageDir":"ltr","pageVariantFallbacks":"en"},"wgMFDisplayWikibaseDescriptions":{"search":true,"watchlist":true,"tagline":false,"nearby":true},"wgWMESchemaEditAttemptStepOversample":false,"wgWMEPageLength":100000,"wgRelatedArticlesCompat":[],"wgCentralAuthMobileDomain":false,"wgEditSubmitButtonLabelPublish":true,"wgULSPosition":"interlanguage","wgULSisCompactLinksEnabled":false,"wgVector2022LanguageInHeader":true,"wgULSisLanguageSelectorEmpty":false,"wgWikibaseItemId":"Q29957041","wgCheckUserClientHintsHeadersJsApi":["brands","architecture","bitness","fullVersionList","mobile","model","platform","platformVersion"],"GEHomepageSuggestedEditsEnableTopics":true,"wgGETopicsMatchModeEnabled":false,"wgGEStructuredTaskRejectionReasonTextInputEnabled":false,"wgGELevelingUpEnabledForUser":false};RLSTATE={"ext.globalCssJs.user.styles":"ready","site.styles":"ready","user.styles":"ready", "ext.globalCssJs.user":"ready","user":"ready","user.options":"loading","ext.cite.styles":"ready","skins.vector.search.codex.styles":"ready","skins.vector.styles":"ready","skins.vector.icons":"ready","jquery.makeCollapsible.styles":"ready","ext.wikimediamessages.styles":"ready","ext.visualEditor.desktopArticleTarget.noscript":"ready","ext.uls.interlanguage":"ready","wikibase.client.init":"ready","ext.wikimediaBadges":"ready"};RLPAGEMODULES=["ext.cite.ux-enhancements","mediawiki.page.media","site","mediawiki.page.ready","jquery.makeCollapsible","mediawiki.toc","skins.vector.js","ext.centralNotice.geoIP","ext.centralNotice.startUp","ext.gadget.ReferenceTooltips","ext.gadget.switcher","ext.urlShortener.toolbar","ext.centralauth.centralautologin","mmv.bootstrap","ext.popups","ext.visualEditor.desktopArticleTarget.init","ext.visualEditor.targetLoader","ext.echo.centralauth","ext.eventLogging","ext.wikimediaEvents","ext.navigationTiming","ext.uls.interface","ext.cx.eventlogging.campaigns", "ext.cx.uls.quick.actions","wikibase.client.vector-2022","ext.checkUser.clientHints","ext.growthExperiments.SuggestedEditSession","wikibase.sidebar.tracking"];</script> <script>(RLQ=window.RLQ||[]).push(function(){mw.loader.impl(function(){return["user.options@12s5i",function($,jQuery,require,module){mw.user.tokens.set({"patrolToken":"+\\","watchToken":"+\\","csrfToken":"+\\"}); }];});});</script> <link rel="stylesheet" href="/w/load.php?lang=en&modules=ext.cite.styles%7Cext.uls.interlanguage%7Cext.visualEditor.desktopArticleTarget.noscript%7Cext.wikimediaBadges%7Cext.wikimediamessages.styles%7Cjquery.makeCollapsible.styles%7Cskins.vector.icons%2Cstyles%7Cskins.vector.search.codex.styles%7Cwikibase.client.init&only=styles&skin=vector-2022"> <script async="" src="/w/load.php?lang=en&modules=startup&only=scripts&raw=1&skin=vector-2022"></script> <meta name="ResourceLoaderDynamicStyles" content=""> <link rel="stylesheet" href="/w/load.php?lang=en&modules=site.styles&only=styles&skin=vector-2022"> <meta name="generator" content="MediaWiki 1.44.0-wmf.4"> <meta name="referrer" content="origin"> <meta name="referrer" content="origin-when-cross-origin"> <meta name="robots" content="max-image-preview:standard"> <meta name="format-detection" content="telephone=no"> <meta property="og:image" content="https://upload.wikimedia.org/wikipedia/en/1/18/Wana_Decrypt0r_screenshot.png"> <meta property="og:image:width" content="1200"> <meta property="og:image:height" content="906"> <meta property="og:image" content="https://upload.wikimedia.org/wikipedia/en/1/18/Wana_Decrypt0r_screenshot.png"> <meta property="og:image:width" content="800"> <meta property="og:image:height" content="604"> <meta property="og:image:width" content="640"> <meta property="og:image:height" content="483"> <meta name="viewport" content="width=1120"> <meta property="og:title" content="WannaCry ransomware attack - Wikipedia"> <meta property="og:type" content="website"> <link rel="preconnect" href="//upload.wikimedia.org"> <link rel="alternate" media="only screen and (max-width: 640px)" href="//en.m.wikipedia.org/wiki/WannaCry_ransomware_attack"> <link rel="alternate" type="application/x-wiki" title="Edit this page" href="/w/index.php?title=WannaCry_ransomware_attack&action=edit"> <link rel="apple-touch-icon" href="/static/apple-touch/wikipedia.png"> <link rel="icon" href="/static/favicon/wikipedia.ico"> <link rel="search" type="application/opensearchdescription+xml" href="/w/rest.php/v1/search" title="Wikipedia (en)"> <link rel="EditURI" type="application/rsd+xml" href="//en.wikipedia.org/w/api.php?action=rsd"> <link rel="canonical" href="https://en.wikipedia.org/wiki/WannaCry_ransomware_attack"> <link rel="license" href="https://creativecommons.org/licenses/by-sa/4.0/deed.en"> <link rel="alternate" type="application/atom+xml" title="Wikipedia Atom feed" href="/w/index.php?title=Special:RecentChanges&feed=atom"> <link rel="dns-prefetch" href="//meta.wikimedia.org" /> <link rel="dns-prefetch" href="//login.wikimedia.org"> </head> <body class="skin--responsive skin-vector skin-vector-search-vue mediawiki ltr sitedir-ltr mw-hide-empty-elt ns-0 ns-subject mw-editable page-WannaCry_ransomware_attack rootpage-WannaCry_ransomware_attack skin-vector-2022 action-view"><a class="mw-jump-link" href="#bodyContent">Jump to content</a> <div class="vector-header-container"> <header class="vector-header mw-header"> <div class="vector-header-start"> <nav class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-dropdown" class="vector-dropdown vector-main-menu-dropdown vector-button-flush-left vector-button-flush-right" > <input type="checkbox" id="vector-main-menu-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-main-menu-dropdown" class="vector-dropdown-checkbox " aria-label="Main menu" > <label id="vector-main-menu-dropdown-label" for="vector-main-menu-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" > Main menu </label> <div class="vector-dropdown-content"> <div id="vector-main-menu-unpinned-container" class="vector-unpinned-container"> <div id="vector-main-menu" class="vector-main-menu vector-pinnable-element"> <div class="vector-pinnable-header vector-main-menu-pinnable-header vector-pinnable-header-unpinned" data-feature-name="main-menu-pinned" data-pinnable-element-id="vector-main-menu" data-pinned-container-id="vector-main-menu-pinned-container" data-unpinned-container-id="vector-main-menu-unpinned-container" > <div class="vector-pinnable-header-label">Main menu</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-main-menu.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-main-menu.unpin">hide</button> </div> <div id="p-navigation" class="vector-menu mw-portlet mw-portlet-navigation" > <div class="vector-menu-heading"> Navigation </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-mainpage-description" class="mw-list-item"><a href="/wiki/Main_Page" title="Visit the main page [z]" accesskey="z">Main page</a></li><li id="n-contents" class="mw-list-item"><a href="/wiki/Wikipedia:Contents" title="Guides to browsing Wikipedia">Contents</a></li><li id="n-currentevents" class="mw-list-item"><a href="/wiki/Portal:Current_events" title="Articles related to current events">Current events</a></li><li id="n-randompage" class="mw-list-item"><a href="/wiki/Special:Random" title="Visit a randomly selected article [x]" accesskey="x">Random article</a></li><li id="n-aboutsite" class="mw-list-item"><a href="/wiki/Wikipedia:About" title="Learn about Wikipedia and how it works">About Wikipedia</a></li><li id="n-contactpage" class="mw-list-item"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us" title="How to contact Wikipedia">Contact us</a></li> </ul> </div> </div> <div id="p-interaction" class="vector-menu mw-portlet mw-portlet-interaction" > <div class="vector-menu-heading"> Contribute </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="n-help" class="mw-list-item"><a href="/wiki/Help:Contents" title="Guidance on how to use and edit Wikipedia">Help</a></li><li id="n-introduction" class="mw-list-item"><a href="/wiki/Help:Introduction" title="Learn how to edit Wikipedia">Learn to edit</a></li><li id="n-portal" class="mw-list-item"><a href="/wiki/Wikipedia:Community_portal" title="The hub for editors">Community portal</a></li><li id="n-recentchanges" class="mw-list-item"><a href="/wiki/Special:RecentChanges" title="A list of recent changes to Wikipedia [r]" accesskey="r">Recent changes</a></li><li id="n-upload" class="mw-list-item"><a href="/wiki/Wikipedia:File_upload_wizard" title="Add images or other media for use on Wikipedia">Upload file</a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> <a href="/wiki/Main_Page" class="mw-logo"> <img class="mw-logo-icon" src="/static/images/icons/wikipedia.png" alt="" aria-hidden="true" height="50" width="50"> <img class="mw-logo-wordmark" alt="Wikipedia" src="/static/images/mobile/copyright/wikipedia-wordmark-en.svg" style="width: 7.5em; height: 1.125em;"> <img class="mw-logo-tagline" alt="The Free Encyclopedia" src="/static/images/mobile/copyright/wikipedia-tagline-en.svg" width="117" height="13" style="width: 7.3125em; height: 0.8125em;"> </a> </div> <div class="vector-header-end"> <div id="p-search" role="search" class="vector-search-box-vue vector-search-box-collapses vector-search-box-show-thumbnail vector-search-box-auto-expand-width vector-search-box"> <a href="/wiki/Special:Search" class="cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only search-toggle" title="Search Wikipedia [f]" accesskey="f"> Search </a> <div class="vector-typeahead-search-container"> <div class="cdx-typeahead-search cdx-typeahead-search--show-thumbnail cdx-typeahead-search--auto-expand-width"> <form action="/w/index.php" id="searchform" class="cdx-search-input cdx-search-input--has-end-button"> <div id="simpleSearch" class="cdx-search-input__input-wrapper" data-search-loc="header-moved"> <div class="cdx-text-input cdx-text-input--has-start-icon"> <input class="cdx-text-input__input" type="search" name="search" placeholder="Search Wikipedia" aria-label="Search Wikipedia" autocapitalize="sentences" title="Search Wikipedia [f]" accesskey="f" id="searchInput" > </div> <input type="hidden" name="title" value="Special:Search"> </div> <button class="cdx-button cdx-search-input__end-button">Search</button> </form> </div> </div> </div> <nav class="vector-user-links vector-user-links-wide" aria-label="Personal tools"> <div class="vector-user-links-main"> <div id="p-vector-user-menu-preferences" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-userpage" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-dropdown" class="vector-dropdown " title="Change the appearance of the page's font size, width, and color" > <input type="checkbox" id="vector-appearance-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-appearance-dropdown" class="vector-dropdown-checkbox " aria-label="Appearance" > <label id="vector-appearance-dropdown-label" for="vector-appearance-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" > Appearance </label> <div class="vector-dropdown-content"> <div id="vector-appearance-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <div id="p-vector-user-menu-notifications" class="vector-menu mw-portlet emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> <div id="p-vector-user-menu-overflow" class="vector-menu mw-portlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="https://donate.wikimedia.org/wiki/Special:FundraiserRedirector?utm_source=donate&utm_medium=sidebar&utm_campaign=C13_en.wikipedia.org&uselang=en" class="">Donate</a> </li> <li id="pt-createaccount-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:CreateAccount&returnto=WannaCry+ransomware+attack" title="You are encouraged to create an account and log in; however, it is not mandatory" class="">Create account</a> </li> <li id="pt-login-2" class="user-links-collapsible-item mw-list-item user-links-collapsible-item"><a data-mw="interface" href="/w/index.php?title=Special:UserLogin&returnto=WannaCry+ransomware+attack" title="You're encouraged to log in; however, it's not mandatory. [o]" accesskey="o" class="">Log in</a> </li> </ul> </div> </div> </div> <div id="vector-user-links-dropdown" class="vector-dropdown vector-user-menu vector-button-flush-right vector-user-menu-logged-out" title="Log in and more options" > <input type="checkbox" id="vector-user-links-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-user-links-dropdown" class="vector-dropdown-checkbox " aria-label="Personal tools" > <label id="vector-user-links-dropdown-label" for="vector-user-links-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" > Personal tools </label> <div class="vector-dropdown-content"> <div id="p-personal" class="vector-menu mw-portlet mw-portlet-personal user-links-collapsible-item" title="User menu" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-sitesupport" class="user-links-collapsible-item mw-list-item"><a href="https://donate.wikimedia.org/wiki/Special:FundraiserRedirector?utm_source=donate&utm_medium=sidebar&utm_campaign=C13_en.wikipedia.org&uselang=en">Donate</a></li><li id="pt-createaccount" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:CreateAccount&returnto=WannaCry+ransomware+attack" title="You are encouraged to create an account and log in; however, it is not mandatory"> Create account</a></li><li id="pt-login" class="user-links-collapsible-item mw-list-item"><a href="/w/index.php?title=Special:UserLogin&returnto=WannaCry+ransomware+attack" title="You're encouraged to log in; however, it's not mandatory. [o]" accesskey="o"> Log in</a></li> </ul> </div> </div> <div id="p-user-menu-anon-editor" class="vector-menu mw-portlet mw-portlet-user-menu-anon-editor" > <div class="vector-menu-heading"> Pages for logged out editors <a href="/wiki/Help:Introduction" aria-label="Learn more about editing">learn more</a> </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="pt-anoncontribs" class="mw-list-item"><a href="/wiki/Special:MyContributions" title="A list of edits made from this IP address [y]" accesskey="y">Contributions</a></li><li id="pt-anontalk" class="mw-list-item"><a href="/wiki/Special:MyTalk" title="Discussion about edits from this IP address [n]" accesskey="n">Talk</a></li> </ul> </div> </div> </div> </div> </nav> </div> </header> </div> <div class="mw-page-container"> <div class="mw-page-container-inner"> <div class="vector-sitenotice-container"> <div id="siteNotice"></div> </div> <div class="vector-column-start"> <div class="vector-main-menu-container"> <div id="mw-navigation"> <nav id="mw-panel" class="vector-main-menu-landmark" aria-label="Site"> <div id="vector-main-menu-pinned-container" class="vector-pinned-container"> </div> </nav> </div> </div> <div class="vector-sticky-pinned-container"> <nav id="mw-panel-toc" aria-label="Contents" data-event-name="ui.sidebar-toc" class="mw-table-of-contents-container vector-toc-landmark"> <div id="vector-toc-pinned-container" class="vector-pinned-container"> <div id="vector-toc" class="vector-toc vector-pinnable-element"> <div class="vector-pinnable-header vector-toc-pinnable-header vector-pinnable-header-pinned" data-feature-name="toc-pinned" data-pinnable-element-id="vector-toc" > <h2 class="vector-pinnable-header-label">Contents</h2> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-toc.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-toc.unpin">hide</button> </div> <ul class="vector-toc-contents" id="mw-panel-toc-list"> <li id="toc-mw-content-text" class="vector-toc-list-item vector-toc-level-1"> <a href="#" class="vector-toc-link"> <div class="vector-toc-text">(Top)</div> </a> </li> <li id="toc-Description" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Description"> <div class="vector-toc-text"> 1 Description </div> </a> <ul id="toc-Description-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Attack" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Attack"> <div class="vector-toc-text"> 2 Attack </div> </a> <button aria-controls="toc-Attack-sublist" class="cdx-button cdx-button--weight-quiet cdx-button--icon-only vector-toc-toggle"> Toggle Attack subsection </button> <ul id="toc-Attack-sublist" class="vector-toc-list"> <li id="toc-Defensive_response" class="vector-toc-list-item vector-toc-level-2"> <a class="vector-toc-link" href="#Defensive_response"> <div class="vector-toc-text"> 2.1 Defensive response </div> </a> <ul id="toc-Defensive_response-sublist" class="vector-toc-list"> </ul> </li> </ul> </li> <li id="toc-Attribution" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Attribution"> <div class="vector-toc-text"> 3 Attribution </div> </a> <ul id="toc-Attribution-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-Impact" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Impact"> <div class="vector-toc-text"> 4 Impact </div> </a> <button aria-controls="toc-Impact-sublist" class="cdx-button cdx-button--weight-quiet cdx-button--icon-only vector-toc-toggle"> Toggle Impact subsection </button> <ul id="toc-Impact-sublist" class="vector-toc-list"> <li id="toc-Affected_organisations" class="vector-toc-list-item vector-toc-level-2"> <a class="vector-toc-link" href="#Affected_organisations"> <div class="vector-toc-text"> 4.1 Affected organisations </div> </a> <ul id="toc-Affected_organisations-sublist" class="vector-toc-list"> </ul> </li> </ul> </li> <li id="toc-Reactions" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#Reactions"> <div class="vector-toc-text"> 5 Reactions </div> </a> <button aria-controls="toc-Reactions-sublist" class="cdx-button cdx-button--weight-quiet cdx-button--icon-only vector-toc-toggle"> Toggle Reactions subsection </button> <ul id="toc-Reactions-sublist" class="vector-toc-list"> <li id="toc-United_Kingdom" class="vector-toc-list-item vector-toc-level-2"> <a class="vector-toc-link" href="#United_Kingdom"> <div class="vector-toc-text"> 5.1 United Kingdom </div> </a> <ul id="toc-United_Kingdom-sublist" class="vector-toc-list"> </ul> </li> </ul> </li> <li id="toc-See_also" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#See_also"> <div class="vector-toc-text"> 6 See also </div> </a> <ul id="toc-See_also-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-References" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#References"> <div class="vector-toc-text"> 7 References </div> </a> <ul id="toc-References-sublist" class="vector-toc-list"> </ul> </li> <li id="toc-External_links" class="vector-toc-list-item vector-toc-level-1 vector-toc-list-item-expanded"> <a class="vector-toc-link" href="#External_links"> <div class="vector-toc-text"> 8 External links </div> </a> <ul id="toc-External_links-sublist" class="vector-toc-list"> </ul> </li> </ul> </div> </div> </nav> </div> </div> <div class="mw-content-container"> <main id="content" class="mw-body"> <header class="mw-body-header vector-page-titlebar"> <nav aria-label="Contents" class="vector-toc-landmark"> <div id="vector-page-titlebar-toc" class="vector-dropdown vector-page-titlebar-toc vector-button-flush-left" > <input type="checkbox" id="vector-page-titlebar-toc-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-titlebar-toc" class="vector-dropdown-checkbox " aria-label="Toggle the table of contents" > <label id="vector-page-titlebar-toc-label" for="vector-page-titlebar-toc-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--icon-only " aria-hidden="true" > Toggle the table of contents </label> <div class="vector-dropdown-content"> <div id="vector-page-titlebar-toc-unpinned-container" class="vector-unpinned-container"> </div> </div> </div> </nav> <h1 id="firstHeading" class="firstHeading mw-first-heading">WannaCry ransomware attack</h1> <div id="p-lang-btn" class="vector-dropdown mw-portlet mw-portlet-lang" > <input type="checkbox" id="p-lang-btn-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-p-lang-btn" class="vector-dropdown-checkbox mw-interlanguage-selector" aria-label="Go to an article in another language. Available in 52 languages" > <label id="p-lang-btn-label" for="p-lang-btn-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet cdx-button--action-progressive mw-portlet-lang-heading-52" aria-hidden="true" > 52 languages </label> <div class="vector-dropdown-content"> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li class="interlanguage-link interwiki-af mw-list-item"><a href="https://af.wikipedia.org/wiki/WannaCry-kuberaanval" title="WannaCry-kuberaanval – Afrikaans" lang="af" hreflang="af" data-title="WannaCry-kuberaanval" data-language-autonym="Afrikaans" data-language-local-name="Afrikaans" class="interlanguage-link-target">Afrikaans</a></li><li class="interlanguage-link interwiki-ar mw-list-item"><a href="https://ar.wikipedia.org/wiki/%D9%87%D8%AC%D9%88%D9%85_%D9%88%D8%A7%D9%86%D8%A7%D9%83%D8%B1%D8%A7%D9%8A_%D8%A7%D9%84%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A" title="هجوم واناكراي الإلكتروني – Arabic" lang="ar" hreflang="ar" data-title="هجوم واناكراي الإلكتروني" data-language-autonym="العربية" data-language-local-name="Arabic" class="interlanguage-link-target">العربية</a></li><li class="interlanguage-link interwiki-az mw-list-item"><a href="https://az.wikipedia.org/wiki/WannaCry" title="WannaCry – Azerbaijani" lang="az" hreflang="az" data-title="WannaCry" data-language-autonym="Azərbaycanca" data-language-local-name="Azerbaijani" class="interlanguage-link-target">Azərbaycanca</a></li><li class="interlanguage-link interwiki-bh mw-list-item"><a href="https://bh.wikipedia.org/wiki/%E0%A4%B5%E0%A4%BE%E0%A4%A8%E0%A4%BE%E0%A4%95%E0%A5%8D%E0%A4%B0%E0%A4%BE%E0%A4%88_%E0%A4%B0%E0%A5%88%E0%A4%A8%E0%A4%B8%E0%A4%AE%E0%A4%B5%E0%A5%87%E0%A4%AF%E0%A4%B0_%E0%A4%B9%E0%A4%AE%E0%A4%B2%E0%A4%BE" title="वानाक्राई रैनसमवेयर हमला – Bhojpuri" lang="bh" hreflang="bh" data-title="वानाक्राई रैनसमवेयर हमला" data-language-autonym="भोजपुरी" data-language-local-name="Bhojpuri" class="interlanguage-link-target">भोजपुरी</a></li><li class="interlanguage-link interwiki-bg mw-list-item"><a href="https://bg.wikipedia.org/wiki/WannaCry" title="WannaCry – Bulgarian" lang="bg" hreflang="bg" data-title="WannaCry" data-language-autonym="Български" data-language-local-name="Bulgarian" class="interlanguage-link-target">Български</a></li><li class="interlanguage-link interwiki-bs mw-list-item"><a href="https://bs.wikipedia.org/wiki/WannaCry" title="WannaCry – Bosnian" lang="bs" hreflang="bs" data-title="WannaCry" data-language-autonym="Bosanski" data-language-local-name="Bosnian" class="interlanguage-link-target">Bosanski</a></li><li class="interlanguage-link interwiki-ca mw-list-item"><a href="https://ca.wikipedia.org/wiki/WannaCry" title="WannaCry – Catalan" lang="ca" hreflang="ca" data-title="WannaCry" data-language-autonym="Català" data-language-local-name="Catalan" class="interlanguage-link-target">Català</a></li><li class="interlanguage-link interwiki-cs mw-list-item"><a href="https://cs.wikipedia.org/wiki/WannaCry" title="WannaCry – Czech" lang="cs" hreflang="cs" data-title="WannaCry" data-language-autonym="Čeština" data-language-local-name="Czech" class="interlanguage-link-target">Čeština</a></li><li class="interlanguage-link interwiki-da mw-list-item"><a href="https://da.wikipedia.org/wiki/WannaCry_ransomware_angreb" title="WannaCry ransomware angreb – Danish" lang="da" hreflang="da" data-title="WannaCry ransomware angreb" data-language-autonym="Dansk" data-language-local-name="Danish" class="interlanguage-link-target">Dansk</a></li><li class="interlanguage-link interwiki-de mw-list-item"><a href="https://de.wikipedia.org/wiki/WannaCry" title="WannaCry – German" lang="de" hreflang="de" data-title="WannaCry" data-language-autonym="Deutsch" data-language-local-name="German" class="interlanguage-link-target">Deutsch</a></li><li class="interlanguage-link interwiki-et mw-list-item"><a href="https://et.wikipedia.org/wiki/WannaCry" title="WannaCry – Estonian" lang="et" hreflang="et" data-title="WannaCry" data-language-autonym="Eesti" data-language-local-name="Estonian" class="interlanguage-link-target">Eesti</a></li><li class="interlanguage-link interwiki-el mw-list-item"><a href="https://el.wikipedia.org/wiki/WannaCry" title="WannaCry – Greek" lang="el" hreflang="el" data-title="WannaCry" data-language-autonym="Ελληνικά" data-language-local-name="Greek" class="interlanguage-link-target">Ελληνικά</a></li><li class="interlanguage-link interwiki-es mw-list-item"><a href="https://es.wikipedia.org/wiki/Ataques_ransomware_WannaCry" title="Ataques ransomware WannaCry – Spanish" lang="es" hreflang="es" data-title="Ataques ransomware WannaCry" data-language-autonym="Español" data-language-local-name="Spanish" class="interlanguage-link-target">Español</a></li><li class="interlanguage-link interwiki-eu mw-list-item"><a href="https://eu.wikipedia.org/wiki/WannaCry_zibererasoa" title="WannaCry zibererasoa – Basque" lang="eu" hreflang="eu" data-title="WannaCry zibererasoa" data-language-autonym="Euskara" data-language-local-name="Basque" class="interlanguage-link-target">Euskara</a></li><li class="interlanguage-link interwiki-fa mw-list-item"><a href="https://fa.wikipedia.org/wiki/%D8%AD%D9%85%D9%84%D9%87_%D8%A8%D8%A7%D8%AC%E2%80%8C%D8%A7%D9%81%D8%B2%D8%A7%D8%B1_%D9%88%D8%A7%D9%86%D8%A7%DA%A9%D8%B1%D8%A7%DB%8C" title="حمله باج‌افزار واناکرای – Persian" lang="fa" hreflang="fa" data-title="حمله باج‌افزار واناکرای" data-language-autonym="فارسی" data-language-local-name="Persian" class="interlanguage-link-target">فارسی</a></li><li class="interlanguage-link interwiki-fr mw-list-item"><a href="https://fr.wikipedia.org/wiki/WannaCry" title="WannaCry – French" lang="fr" hreflang="fr" data-title="WannaCry" data-language-autonym="Français" data-language-local-name="French" class="interlanguage-link-target">Français</a></li><li class="interlanguage-link interwiki-ko mw-list-item"><a href="https://ko.wikipedia.org/wiki/%EC%9B%8C%EB%84%88%ED%81%AC%EB%9D%BC%EC%9D%B4" title="워너크라이 – Korean" lang="ko" hreflang="ko" data-title="워너크라이" data-language-autonym="한국어" data-language-local-name="Korean" class="interlanguage-link-target">한국어</a></li><li class="interlanguage-link interwiki-hy mw-list-item"><a href="https://hy.wikipedia.org/wiki/WannaCry" title="WannaCry – Armenian" lang="hy" hreflang="hy" data-title="WannaCry" data-language-autonym="Հայերեն" data-language-local-name="Armenian" class="interlanguage-link-target">Հայերեն</a></li><li class="interlanguage-link interwiki-hi mw-list-item"><a href="https://hi.wikipedia.org/wiki/%E0%A4%B5%E0%A5%89%E0%A4%A8%E0%A4%BE%E0%A4%95%E0%A5%8D%E0%A4%B0%E0%A4%BE%E0%A4%AF_%E0%A4%B0%E0%A5%88%E0%A4%A8%E0%A4%B8%E0%A4%AE%E0%A4%B5%E0%A5%87%E0%A4%AF%E0%A4%B0_%E0%A4%B9%E0%A4%AE%E0%A4%B2%E0%A4%BE" title="वॉनाक्राय रैनसमवेयर हमला – Hindi" lang="hi" hreflang="hi" data-title="वॉनाक्राय रैनसमवेयर हमला" data-language-autonym="हिन्दी" data-language-local-name="Hindi" class="interlanguage-link-target">हिन्दी</a></li><li class="interlanguage-link interwiki-id mw-list-item"><a href="https://id.wikipedia.org/wiki/Serangan_perangkat_pemeras_WannaCry" title="Serangan perangkat pemeras WannaCry – Indonesian" lang="id" hreflang="id" data-title="Serangan perangkat pemeras WannaCry" data-language-autonym="Bahasa Indonesia" data-language-local-name="Indonesian" class="interlanguage-link-target">Bahasa Indonesia</a></li><li class="interlanguage-link interwiki-it mw-list-item"><a href="https://it.wikipedia.org/wiki/WannaCry" title="WannaCry – Italian" lang="it" hreflang="it" data-title="WannaCry" data-language-autonym="Italiano" data-language-local-name="Italian" class="interlanguage-link-target">Italiano</a></li><li class="interlanguage-link interwiki-he mw-list-item"><a href="https://he.wikipedia.org/wiki/WannaCry" title="WannaCry – Hebrew" lang="he" hreflang="he" data-title="WannaCry" data-language-autonym="עברית" data-language-local-name="Hebrew" class="interlanguage-link-target">עברית</a></li><li class="interlanguage-link interwiki-lt mw-list-item"><a href="https://lt.wikipedia.org/wiki/WannaCry" title="WannaCry – Lithuanian" lang="lt" hreflang="lt" data-title="WannaCry" data-language-autonym="Lietuvių" data-language-local-name="Lithuanian" class="interlanguage-link-target">Lietuvių</a></li><li class="interlanguage-link interwiki-lmo mw-list-item"><a href="https://lmo.wikipedia.org/wiki/WannaCry" title="WannaCry – Lombard" lang="lmo" hreflang="lmo" data-title="WannaCry" data-language-autonym="Lombard" data-language-local-name="Lombard" class="interlanguage-link-target">Lombard</a></li><li class="interlanguage-link interwiki-hu mw-list-item"><a href="https://hu.wikipedia.org/wiki/WannaCry" title="WannaCry – Hungarian" lang="hu" hreflang="hu" data-title="WannaCry" data-language-autonym="Magyar" data-language-local-name="Hungarian" class="interlanguage-link-target">Magyar</a></li><li class="interlanguage-link interwiki-ml mw-list-item"><a href="https://ml.wikipedia.org/wiki/%E0%B4%B5%E0%B4%BE%E0%B4%A3_%E0%B4%95%E0%B5%8D%E0%B4%B0%E0%B5%88_%E0%B4%B8%E0%B5%88%E0%B4%AC%E0%B5%BC_%E0%B4%85%E0%B4%B1%E0%B5%8D%E0%B4%B1%E0%B4%BE%E0%B4%95%E0%B5%8D%E0%B4%95%E0%B5%8D" title="വാണ ക്രൈ സൈബർ അറ്റാക്ക് – Malayalam" lang="ml" hreflang="ml" data-title="വാണ ക്രൈ സൈബർ അറ്റാക്ക്" data-language-autonym="മലയാളം" data-language-local-name="Malayalam" class="interlanguage-link-target">മലയാളം</a></li><li class="interlanguage-link interwiki-ms mw-list-item"><a href="https://ms.wikipedia.org/wiki/Serangan_siber_WannaCry" title="Serangan siber WannaCry – Malay" lang="ms" hreflang="ms" data-title="Serangan siber WannaCry" data-language-autonym="Bahasa Melayu" data-language-local-name="Malay" class="interlanguage-link-target">Bahasa Melayu</a></li><li class="interlanguage-link interwiki-my mw-list-item"><a href="https://my.wikipedia.org/wiki/WannaCry_ransomware_attack" title="WannaCry ransomware attack – Burmese" lang="my" hreflang="my" data-title="WannaCry ransomware attack" data-language-autonym="မြန်မာဘာသာ" data-language-local-name="Burmese" class="interlanguage-link-target">မြန်မာဘာသာ</a></li><li class="interlanguage-link interwiki-nl mw-list-item"><a href="https://nl.wikipedia.org/wiki/WannaCry" title="WannaCry – Dutch" lang="nl" hreflang="nl" data-title="WannaCry" data-language-autonym="Nederlands" data-language-local-name="Dutch" class="interlanguage-link-target">Nederlands</a></li><li class="interlanguage-link interwiki-ja mw-list-item"><a href="https://ja.wikipedia.org/wiki/WannaCry" title="WannaCry – Japanese" lang="ja" hreflang="ja" data-title="WannaCry" data-language-autonym="日本語" data-language-local-name="Japanese" class="interlanguage-link-target">日本語</a></li><li class="interlanguage-link interwiki-pa mw-list-item"><a href="https://pa.wikipedia.org/wiki/%E0%A8%B5%E0%A8%BE%E0%A8%A8%E0%A8%BE%E0%A8%95%E0%A8%B0%E0%A8%BE%E0%A8%8F_%E0%A8%B0%E0%A9%88%E0%A8%A8%E0%A8%B8%E0%A8%AE%E0%A8%B5%E0%A9%87%E0%A8%85%E0%A8%B0_%E0%A8%B9%E0%A8%AE%E0%A8%B2%E0%A8%BE" title="ਵਾਨਾਕਰਾਏ ਰੈਨਸਮਵੇਅਰ ਹਮਲਾ – Punjabi" lang="pa" hreflang="pa" data-title="ਵਾਨਾਕਰਾਏ ਰੈਨਸਮਵੇਅਰ ਹਮਲਾ" data-language-autonym="ਪੰਜਾਬੀ" data-language-local-name="Punjabi" class="interlanguage-link-target">ਪੰਜਾਬੀ</a></li><li class="interlanguage-link interwiki-pl mw-list-item"><a href="https://pl.wikipedia.org/wiki/WannaCry" title="WannaCry – Polish" lang="pl" hreflang="pl" data-title="WannaCry" data-language-autonym="Polski" data-language-local-name="Polish" class="interlanguage-link-target">Polski</a></li><li class="interlanguage-link interwiki-pt mw-list-item"><a href="https://pt.wikipedia.org/wiki/WannaCry" title="WannaCry – Portuguese" lang="pt" hreflang="pt" data-title="WannaCry" data-language-autonym="Português" data-language-local-name="Portuguese" class="interlanguage-link-target">Português</a></li><li class="interlanguage-link interwiki-ro mw-list-item"><a href="https://ro.wikipedia.org/wiki/WannaCry" title="WannaCry – Romanian" lang="ro" hreflang="ro" data-title="WannaCry" data-language-autonym="Română" data-language-local-name="Romanian" class="interlanguage-link-target">Română</a></li><li class="interlanguage-link interwiki-ru mw-list-item"><a href="https://ru.wikipedia.org/wiki/WannaCry" title="WannaCry – Russian" lang="ru" hreflang="ru" data-title="WannaCry" data-language-autonym="Русский" data-language-local-name="Russian" class="interlanguage-link-target">Русский</a></li><li class="interlanguage-link interwiki-simple mw-list-item"><a href="https://simple.wikipedia.org/wiki/WannaCry_ransomware_attack" title="WannaCry ransomware attack – Simple English" lang="en-simple" hreflang="en-simple" data-title="WannaCry ransomware attack" data-language-autonym="Simple English" data-language-local-name="Simple English" class="interlanguage-link-target">Simple English</a></li><li class="interlanguage-link interwiki-sk mw-list-item"><a href="https://sk.wikipedia.org/wiki/WannaCry" title="WannaCry – Slovak" lang="sk" hreflang="sk" data-title="WannaCry" data-language-autonym="Slovenčina" data-language-local-name="Slovak" class="interlanguage-link-target">Slovenčina</a></li><li class="interlanguage-link interwiki-sl mw-list-item"><a href="https://sl.wikipedia.org/wiki/WannaCry" title="WannaCry – Slovenian" lang="sl" hreflang="sl" data-title="WannaCry" data-language-autonym="Slovenščina" data-language-local-name="Slovenian" class="interlanguage-link-target">Slovenščina</a></li><li class="interlanguage-link interwiki-sr mw-list-item"><a href="https://sr.wikipedia.org/wiki/WannaCry" title="WannaCry – Serbian" lang="sr" hreflang="sr" data-title="WannaCry" data-language-autonym="Српски / srpski" data-language-local-name="Serbian" class="interlanguage-link-target">Српски / srpski</a></li><li class="interlanguage-link interwiki-sh mw-list-item"><a href="https://sh.wikipedia.org/wiki/WannaCry" title="WannaCry – Serbo-Croatian" lang="sh" hreflang="sh" data-title="WannaCry" data-language-autonym="Srpskohrvatski / српскохрватски" data-language-local-name="Serbo-Croatian" class="interlanguage-link-target">Srpskohrvatski / српскохрватски</a></li><li class="interlanguage-link interwiki-fi mw-list-item"><a href="https://fi.wikipedia.org/wiki/WannaCry" title="WannaCry – Finnish" lang="fi" hreflang="fi" data-title="WannaCry" data-language-autonym="Suomi" data-language-local-name="Finnish" class="interlanguage-link-target">Suomi</a></li><li class="interlanguage-link interwiki-sv mw-list-item"><a href="https://sv.wikipedia.org/wiki/WannaCry" title="WannaCry – Swedish" lang="sv" hreflang="sv" data-title="WannaCry" data-language-autonym="Svenska" data-language-local-name="Swedish" class="interlanguage-link-target">Svenska</a></li><li class="interlanguage-link interwiki-ta mw-list-item"><a href="https://ta.wikipedia.org/wiki/%E0%AE%B5%E0%AF%8B%E0%AE%A9%E0%AF%8D%E0%AE%A9%E0%AE%BE%E0%AE%95%E0%AE%BF%E0%AE%B0%E0%AF%88_%E0%AE%AA%E0%AE%A3%E0%AE%AF%E0%AE%A4%E0%AF%8D_%E0%AE%A4%E0%AF%80%E0%AE%A8%E0%AE%BF%E0%AE%B0%E0%AE%B2%E0%AF%8D_%E0%AE%A4%E0%AE%BE%E0%AE%95%E0%AF%8D%E0%AE%95%E0%AF%81%E0%AE%A4%E0%AE%B2%E0%AF%8D" title="வோன்னாகிரை பணயத் தீநிரல் தாக்குதல் – Tamil" lang="ta" hreflang="ta" data-title="வோன்னாகிரை பணயத் தீநிரல் தாக்குதல்" data-language-autonym="தமிழ்" data-language-local-name="Tamil" class="interlanguage-link-target">தமிழ்</a></li><li class="interlanguage-link interwiki-th mw-list-item"><a href="https://th.wikipedia.org/wiki/%E0%B9%80%E0%B8%AB%E0%B8%95%E0%B8%B8%E0%B9%82%E0%B8%88%E0%B8%A1%E0%B8%95%E0%B8%B5%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B9%84%E0%B8%8B%E0%B9%80%E0%B8%9A%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B8%A7%E0%B8%AD%E0%B8%99%E0%B8%99%E0%B8%B2%E0%B8%84%E0%B8%A3%E0%B8%B2%E0%B8%A2" title="เหตุโจมตีทางไซเบอร์วอนนาคราย – Thai" lang="th" hreflang="th" data-title="เหตุโจมตีทางไซเบอร์วอนนาคราย" data-language-autonym="ไทย" data-language-local-name="Thai" class="interlanguage-link-target">ไทย</a></li><li class="interlanguage-link interwiki-tg mw-list-item"><a href="https://tg.wikipedia.org/wiki/WannaCry" title="WannaCry – Tajik" lang="tg" hreflang="tg" data-title="WannaCry" data-language-autonym="Тоҷикӣ" data-language-local-name="Tajik" class="interlanguage-link-target">Тоҷикӣ</a></li><li class="interlanguage-link interwiki-tr mw-list-item"><a href="https://tr.wikipedia.org/wiki/WannaCry" title="WannaCry – Turkish" lang="tr" hreflang="tr" data-title="WannaCry" data-language-autonym="Türkçe" data-language-local-name="Turkish" class="interlanguage-link-target">Türkçe</a></li><li class="interlanguage-link interwiki-uk mw-list-item"><a href="https://uk.wikipedia.org/wiki/WannaCry" title="WannaCry – Ukrainian" lang="uk" hreflang="uk" data-title="WannaCry" data-language-autonym="Українська" data-language-local-name="Ukrainian" class="interlanguage-link-target">Українська</a></li><li class="interlanguage-link interwiki-ur mw-list-item"><a href="https://ur.wikipedia.org/wiki/%D9%88%D8%A7%D9%86%D8%A7_%DA%A9%D8%B1%D8%A7%D8%A6%DB%92" title="وانا کرائے – Urdu" lang="ur" hreflang="ur" data-title="وانا کرائے" data-language-autonym="اردو" data-language-local-name="Urdu" class="interlanguage-link-target">اردو</a></li><li class="interlanguage-link interwiki-vi mw-list-item"><a href="https://vi.wikipedia.org/wiki/V%E1%BB%A5_t%E1%BA%A5n_c%C3%B4ng_c%E1%BB%A7a_WannaCry" title="Vụ tấn công của WannaCry – Vietnamese" lang="vi" hreflang="vi" data-title="Vụ tấn công của WannaCry" data-language-autonym="Tiếng Việt" data-language-local-name="Vietnamese" class="interlanguage-link-target">Tiếng Việt</a></li><li class="interlanguage-link interwiki-zh-classical mw-list-item"><a href="https://zh-classical.wikipedia.org/wiki/%E6%AC%B2%E6%B3%A3%E8%A0%95%E8%9F%B2" title="欲泣蠕蟲 – Literary Chinese" lang="lzh" hreflang="lzh" data-title="欲泣蠕蟲" data-language-autonym="文言" data-language-local-name="Literary Chinese" class="interlanguage-link-target">文言</a></li><li class="interlanguage-link interwiki-zh-yue mw-list-item"><a href="https://zh-yue.wikipedia.org/wiki/WannaCry" title="WannaCry – Cantonese" lang="yue" hreflang="yue" data-title="WannaCry" data-language-autonym="粵語" data-language-local-name="Cantonese" class="interlanguage-link-target">粵語</a></li><li class="interlanguage-link interwiki-zh mw-list-item"><a href="https://zh.wikipedia.org/wiki/WannaCry" title="WannaCry – Chinese" lang="zh" hreflang="zh" data-title="WannaCry" data-language-autonym="中文" data-language-local-name="Chinese" class="interlanguage-link-target">中文</a></li> </ul> <div class="after-portlet after-portlet-lang"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q29957041#sitelinks-wikipedia" title="Edit interlanguage links" class="wbc-editpage">Edit links</a></div> </div> </div> </div> </header> <div class="vector-page-toolbar"> <div class="vector-page-toolbar-container"> <div id="left-navigation"> <nav aria-label="Namespaces"> <div id="p-associated-pages" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-associated-pages" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-nstab-main" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/WannaCry_ransomware_attack" title="View the content page [c]" accesskey="c">Article</a></li><li id="ca-talk" class="vector-tab-noicon mw-list-item"><a href="/wiki/Talk:WannaCry_ransomware_attack" rel="discussion" title="Discuss improvements to the content page [t]" accesskey="t">Talk</a></li> </ul> </div> </div> <div id="vector-variants-dropdown" class="vector-dropdown emptyPortlet" > <input type="checkbox" id="vector-variants-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-variants-dropdown" class="vector-dropdown-checkbox " aria-label="Change language variant" > <label id="vector-variants-dropdown-label" for="vector-variants-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" >English </label> <div class="vector-dropdown-content"> <div id="p-variants" class="vector-menu mw-portlet mw-portlet-variants emptyPortlet" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> </ul> </div> </div> </div> </div> </nav> </div> <div id="right-navigation" class="vector-collapsible"> <nav aria-label="Views"> <div id="p-views" class="vector-menu vector-menu-tabs mw-portlet mw-portlet-views" > <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-view" class="selected vector-tab-noicon mw-list-item"><a href="/wiki/WannaCry_ransomware_attack">Read</a></li><li id="ca-edit" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=WannaCry_ransomware_attack&action=edit" title="Edit this page [e]" accesskey="e">Edit</a></li><li id="ca-history" class="vector-tab-noicon mw-list-item"><a href="/w/index.php?title=WannaCry_ransomware_attack&action=history" title="Past revisions of this page [h]" accesskey="h">View history</a></li> </ul> </div> </div> </nav> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-dropdown" class="vector-dropdown vector-page-tools-dropdown" > <input type="checkbox" id="vector-page-tools-dropdown-checkbox" role="button" aria-haspopup="true" data-event-name="ui.dropdown-vector-page-tools-dropdown" class="vector-dropdown-checkbox " aria-label="Tools" > <label id="vector-page-tools-dropdown-label" for="vector-page-tools-dropdown-checkbox" class="vector-dropdown-label cdx-button cdx-button--fake-button cdx-button--fake-button--enabled cdx-button--weight-quiet" aria-hidden="true" >Tools </label> <div class="vector-dropdown-content"> <div id="vector-page-tools-unpinned-container" class="vector-unpinned-container"> <div id="vector-page-tools" class="vector-page-tools vector-pinnable-element"> <div class="vector-pinnable-header vector-page-tools-pinnable-header vector-pinnable-header-unpinned" data-feature-name="page-tools-pinned" data-pinnable-element-id="vector-page-tools" data-pinned-container-id="vector-page-tools-pinned-container" data-unpinned-container-id="vector-page-tools-unpinned-container" > <div class="vector-pinnable-header-label">Tools</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-page-tools.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-page-tools.unpin">hide</button> </div> <div id="p-cactions" class="vector-menu mw-portlet mw-portlet-cactions emptyPortlet vector-has-collapsible-items" title="More options" > <div class="vector-menu-heading"> Actions </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="ca-more-view" class="selected vector-more-collapsible-item mw-list-item"><a href="/wiki/WannaCry_ransomware_attack">Read</a></li><li id="ca-more-edit" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=WannaCry_ransomware_attack&action=edit" title="Edit this page [e]" accesskey="e">Edit</a></li><li id="ca-more-history" class="vector-more-collapsible-item mw-list-item"><a href="/w/index.php?title=WannaCry_ransomware_attack&action=history">View history</a></li> </ul> </div> </div> <div id="p-tb" class="vector-menu mw-portlet mw-portlet-tb" > <div class="vector-menu-heading"> General </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="t-whatlinkshere" class="mw-list-item"><a href="/wiki/Special:WhatLinksHere/WannaCry_ransomware_attack" title="List of all English Wikipedia pages containing links to this page [j]" accesskey="j">What links here</a></li><li id="t-recentchangeslinked" class="mw-list-item"><a href="/wiki/Special:RecentChangesLinked/WannaCry_ransomware_attack" rel="nofollow" title="Recent changes in pages linked from this page [k]" accesskey="k">Related changes</a></li><li id="t-upload" class="mw-list-item"><a href="/wiki/Wikipedia:File_Upload_Wizard" title="Upload files [u]" accesskey="u">Upload file</a></li><li id="t-specialpages" class="mw-list-item"><a href="/wiki/Special:SpecialPages" title="A list of all special pages [q]" accesskey="q">Special pages</a></li><li id="t-permalink" class="mw-list-item"><a href="/w/index.php?title=WannaCry_ransomware_attack&oldid=1253376473" title="Permanent link to this revision of this page">Permanent link</a></li><li id="t-info" class="mw-list-item"><a href="/w/index.php?title=WannaCry_ransomware_attack&action=info" title="More information about this page">Page information</a></li><li id="t-cite" class="mw-list-item"><a href="/w/index.php?title=Special:CiteThisPage&page=WannaCry_ransomware_attack&id=1253376473&wpFormIdentifier=titleform" title="Information on how to cite this page">Cite this page</a></li><li id="t-urlshortener" class="mw-list-item"><a href="/w/index.php?title=Special:UrlShortener&url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FWannaCry_ransomware_attack">Get shortened URL</a></li><li id="t-urlshortener-qrcode" class="mw-list-item"><a href="/w/index.php?title=Special:QrCode&url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FWannaCry_ransomware_attack">Download QR code</a></li> </ul> </div> </div> <div id="p-coll-print_export" class="vector-menu mw-portlet mw-portlet-coll-print_export" > <div class="vector-menu-heading"> Print/export </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li id="coll-download-as-rl" class="mw-list-item"><a href="/w/index.php?title=Special:DownloadAsPdf&page=WannaCry_ransomware_attack&action=show-download-screen" title="Download this page as a PDF file">Download as PDF</a></li><li id="t-print" class="mw-list-item"><a href="/w/index.php?title=WannaCry_ransomware_attack&printable=yes" title="Printable version of this page [p]" accesskey="p">Printable version</a></li> </ul> </div> </div> <div id="p-wikibase-otherprojects" class="vector-menu mw-portlet mw-portlet-wikibase-otherprojects" > <div class="vector-menu-heading"> In other projects </div> <div class="vector-menu-content"> <ul class="vector-menu-content-list"> <li class="wb-otherproject-link wb-otherproject-commons mw-list-item"><a href="https://commons.wikimedia.org/wiki/Category:WannaCry_ransomware_attack" hreflang="en">Wikimedia Commons</a></li><li id="t-wikibase" class="wb-otherproject-link wb-otherproject-wikibase-dataitem mw-list-item"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q29957041" title="Structured data on this page hosted by Wikidata [g]" accesskey="g">Wikidata item</a></li> </ul> </div> </div> </div> </div> </div> </div> </nav> </div> </div> </div> <div class="vector-column-end"> <div class="vector-sticky-pinned-container"> <nav class="vector-page-tools-landmark" aria-label="Page tools"> <div id="vector-page-tools-pinned-container" class="vector-pinned-container"> </div> </nav> <nav class="vector-appearance-landmark" aria-label="Appearance"> <div id="vector-appearance-pinned-container" class="vector-pinned-container"> <div id="vector-appearance" class="vector-appearance vector-pinnable-element"> <div class="vector-pinnable-header vector-appearance-pinnable-header vector-pinnable-header-pinned" data-feature-name="appearance-pinned" data-pinnable-element-id="vector-appearance" data-pinned-container-id="vector-appearance-pinned-container" data-unpinned-container-id="vector-appearance-unpinned-container" > <div class="vector-pinnable-header-label">Appearance</div> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-pin-button" data-event-name="pinnable-header.vector-appearance.pin">move to sidebar</button> <button class="vector-pinnable-header-toggle-button vector-pinnable-header-unpin-button" data-event-name="pinnable-header.vector-appearance.unpin">hide</button> </div> </div> </div> </nav> </div> </div> <div id="bodyContent" class="vector-body" aria-labelledby="firstHeading" data-mw-ve-target-container> <div class="vector-body-before-content"> <div class="mw-indicators"> </div> <div id="siteSub" class="noprint">From Wikipedia, the free encyclopedia</div> </div> <div id="contentSub"><div id="mw-content-subtitle"></div></div> <div id="mw-content-text" class="mw-body-content"><div class="mw-content-ltr mw-parser-output" lang="en" dir="ltr"><div class="shortdescription nomobile noexcerpt noprint searchaux" style="display:none">2017 worldwide ransomware cyberattack</div> <style data-mw-deduplicate="TemplateStyles:r1236090951">.mw-parser-output .hatnote{font-style:italic}.mw-parser-output div.hatnote{padding-left:1.6em;margin-bottom:0.5em}.mw-parser-output .hatnote i{font-style:normal}.mw-parser-output .hatnote+link+.hatnote{margin-top:-0.5em}@media print{body.ns-0 .mw-parser-output .hatnote{display:none!important}}</style><div role="note" class="hatnote navigation-not-searchable">For the June 2017 worldwide EternalBlue Petya cyberattack, see <a href="/wiki/2017_Ukraine_ransomware_attacks" title="2017 Ukraine ransomware attacks">2017 Ukraine ransomware attacks</a>.</div> <style data-mw-deduplicate="TemplateStyles:r1257001546">.mw-parser-output .infobox-subbox{padding:0;border:none;margin:-3px;width:auto;min-width:100%;font-size:100%;clear:none;float:none;background-color:transparent}.mw-parser-output .infobox-3cols-child{margin:auto}.mw-parser-output .infobox .navbar{font-size:100%}@media screen{html.skin-theme-clientpref-night .mw-parser-output .infobox-full-data:not(.notheme)>div:not(.notheme)[style]{background:#1f1f23!important;color:#f8f9fa}}@media screen and (prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .infobox-full-data:not(.notheme) div:not(.notheme){background:#1f1f23!important;color:#f8f9fa}}@media(min-width:640px){body.skin--responsive .mw-parser-output .infobox-table{display:table!important}body.skin--responsive .mw-parser-output .infobox-table>caption{display:table-caption!important}body.skin--responsive .mw-parser-output .infobox-table>tbody{display:table-row-group}body.skin--responsive .mw-parser-output .infobox-table tr{display:table-row!important}body.skin--responsive .mw-parser-output .infobox-table th,body.skin--responsive .mw-parser-output .infobox-table td{padding-left:inherit;padding-right:inherit}}</style><table class="infobox"><tbody><tr><th colspan="2" class="infobox-above" style="background-color:#FFADAD;text-align:center;vertical-align:middle;font-size:110%;">WannaCry</th></tr><tr><th scope="row" class="infobox-label">Technical name</th><td class="infobox-data"> <ul><li>WORM_WCRY.[letter] (Trend Micro)</li> <li>Win32/Exploit.CVE-2017-0147.[letter] (ESET-NOD32)</li> <li>Ransom:Win32/WannaCrypt (Microsoft)</li> <li>Ransom.Wannacry (Symantec)</li> <li>Trojan.Ransom.WannaCryptor.[letter] (BitDefender)</li> <li>W32/Wanna.D!tr (Fortinet)</li></ul> </td></tr><tr><td colspan="2" class="infobox-full-data"><a href="/wiki/File:Wana_Decrypt0r_screenshot.png" class="mw-file-description"><img src="//upload.wikimedia.org/wikipedia/en/thumb/1/18/Wana_Decrypt0r_screenshot.png/240px-Wana_Decrypt0r_screenshot.png" decoding="async" width="240" height="181" class="mw-file-element" srcset="//upload.wikimedia.org/wikipedia/en/thumb/1/18/Wana_Decrypt0r_screenshot.png/360px-Wana_Decrypt0r_screenshot.png 1.5x, //upload.wikimedia.org/wikipedia/en/thumb/1/18/Wana_Decrypt0r_screenshot.png/480px-Wana_Decrypt0r_screenshot.png 2x" data-file-width="600" data-file-height="453" /></a></td></tr><tr><td colspan="2" class="infobox-full-data">Screenshot of the ransom note left on an infected system</td></tr><tr><td colspan="2" class="infobox-full-data"><div style="background-color:#ffdcd7; height:2px; margin: 0 -1px ;"></div></td></tr><tr><th scope="row" class="infobox-label">Alias</th><td class="infobox-data">Transformations: <ul><li>Wanna → Wana</li> <li>Cryptor → Crypt0r</li> <li>Cryptor → Decryptor</li> <li>Cryptor → Crypt → Cry</li> <li>Addition of "2.0"</li></ul> Short names: <ul><li>Wanna → WN → W</li> <li>Cry → CRY</li></ul> </td></tr><tr><th scope="row" class="infobox-label">Type</th><td class="infobox-data"><a href="/wiki/Computer_worm" title="Computer worm">Worm</a></td></tr><tr><th scope="row" class="infobox-label">Subtype</th><td class="infobox-data"><a href="/wiki/Ransomware" title="Ransomware">Ransomware</a></td></tr><tr><th scope="row" class="infobox-label">Origin</th><td class="infobox-data"><a href="/wiki/Pyongyang" title="Pyongyang">Pyongyang</a>, <a href="/wiki/North_Korea" title="North Korea">North Korea</a> (not confirmed)</td></tr><tr><th colspan="2" class="infobox-header" style="background-color:#ffdcd7;">Cyberattack event</th></tr><tr><th scope="row" class="infobox-label">Date</th><td class="infobox-data">12 May 2017 – 15 May 2017 (initial outbreak)</td></tr><tr><th scope="row" class="infobox-label">Location</th><td class="infobox-data">Worldwide</td></tr><tr><th scope="row" class="infobox-label">Theme</th><td class="infobox-data">Ransomware encrypting files with US$300–600 demand (via bitcoin)</td></tr><tr><th scope="row" class="infobox-label">Outcome</th><td class="infobox-data">300,000+ computers infected<a href="#cite_note-1">[1]</a><a href="#cite_note-2">[2]</a><a href="#cite_note-threaten_release-3">[3]</a></td></tr><tr><th scope="row" class="infobox-label">Losses</th><td class="infobox-data">Up to US$4 billion</td></tr><tr><th scope="row" class="infobox-label">Suspects</th><td class="infobox-data"><a href="/wiki/Lazarus_Group" title="Lazarus Group">Lazarus Group</a></td></tr><tr><th scope="row" class="infobox-label">Convicted</th><td class="infobox-data">None</td></tr><tr><th colspan="2" class="infobox-header" style="background-color:#ffdcd7;">Technical details</th></tr><tr><th scope="row" class="infobox-label">Platform</th><td class="infobox-data"><a href="/wiki/Microsoft_Windows" title="Microsoft Windows">Microsoft Windows</a></td></tr><tr><th scope="row" class="infobox-label">Filename</th><td class="infobox-data"><code>mssecsvc.exe</code></td></tr><tr><th scope="row" class="infobox-label">Size</th><td class="infobox-data">3723264 bytes</td></tr><tr><th scope="row" class="infobox-label">Ports used</th><td class="infobox-data"><a href="/wiki/Server_Message_Block" title="Server Message Block">Server Message Block</a></td></tr><tr><th scope="row" class="infobox-label">Abused exploits</th><td class="infobox-data"><a rel="nofollow" class="external text" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0145">CVE-2017-0145</a></td></tr><tr><th scope="row" class="infobox-label">Written in</th><td class="infobox-data">Microsoft Visual C++ 6.0</td></tr></tbody></table> The WannaCry ransomware attack was a worldwide <a href="/wiki/Cyberattack" title="Cyberattack">cyberattack</a> in May 2017 by the WannaCry <a href="/wiki/Ransomware" title="Ransomware">ransomware</a> <a href="/wiki/Cryptovirology" title="Cryptovirology">cryptoworm</a>, which targeted computers running the <a href="/wiki/Microsoft_Windows" title="Microsoft Windows">Microsoft Windows</a> <a href="/wiki/Operating_system" title="Operating system">operating system</a> by encrypting data and demanding ransom payments in the <a href="/wiki/Bitcoin" title="Bitcoin">Bitcoin</a> <a href="/wiki/Cryptocurrency" title="Cryptocurrency">cryptocurrency</a>.<a href="#cite_note-4">[4]</a> It was propagated using <a href="/wiki/EternalBlue" title="EternalBlue">EternalBlue</a>, an exploit developed by the United States <a href="/wiki/National_Security_Agency" title="National Security Agency">National Security Agency</a> (NSA) for Windows systems. EternalBlue was stolen and leaked by a group called <a href="/wiki/The_Shadow_Brokers" title="The Shadow Brokers">The Shadow Brokers</a> a month prior to the attack. While <a href="/wiki/Microsoft" title="Microsoft">Microsoft</a> had released patches previously to close the exploit, much of WannaCry's spread was from organizations that had not applied these, or were using older Windows systems that were past their <a href="/wiki/End-of-life_product" title="End-of-life product">end of life</a>. These patches were imperative to cyber security, but many organizations did not apply them, citing a need for 24/7 operation, the risk of formerly working applications breaking because of the changes, lack of personnel or time to install them, or other reasons. The attack began at 07:44 UTC on 12 May 2017 and was halted a few hours later at 15:03 UTC by the registration of a <a href="/wiki/Kill_switch" title="Kill switch">kill switch</a> discovered by <a href="/wiki/Marcus_Hutchins" title="Marcus Hutchins">Marcus Hutchins</a>. The kill switch prevented already infected computers from being encrypted or further spreading WannaCry.<a href="#cite_note-5">[5]</a> The attack was estimated to have affected more than 300,000 computers<a href="#cite_note-:4-6">[6]</a> across 150 countries,<a href="#cite_note-:4-6">[6]</a> with total damages ranging from hundreds of millions to billions of <a href="/wiki/United_States_dollar" title="United States dollar">dollars</a>. At the time, security experts believed from preliminary evaluation of the worm that the attack originated from North Korea or agencies working for the country. In December 2017, the <a href="/wiki/United_States" title="United States">United States</a> and <a href="/wiki/United_Kingdom" title="United Kingdom">United Kingdom</a> formally asserted that <a href="/wiki/North_Korea" title="North Korea">North Korea</a> was behind the attack, although North Korea has denied any involvement with the attack.<a href="#cite_note-7">[7]</a> A new variant of WannaCry forced <a href="/wiki/Taiwan_Semiconductor_Manufacturing_Company" class="mw-redirect" title="Taiwan Semiconductor Manufacturing Company">Taiwan Semiconductor Manufacturing Company</a> (TSMC) to temporarily shut down several of its chip-fabrication factories in August 2018. The worm spread onto 10,000 machines in TSMC's most advanced facilities.<a href="#cite_note-8">[8]</a> <meta property="mw:PageProp/toc" /> <div class="mw-heading mw-heading2"><h2 id="Description">Description</h2>[<a href="/w/index.php?title=WannaCry_ransomware_attack&action=edit&section=1" title="Edit section: Description">edit</a>]</div> WannaCry is a <a href="/wiki/Ransomware" title="Ransomware">ransomware</a> <a href="/wiki/Cryptovirology" title="Cryptovirology">cryptoworm</a>, which targets computers running the <a href="/wiki/Microsoft_Windows" title="Microsoft Windows">Microsoft Windows</a> <a href="/wiki/Operating_system" title="Operating system">operating system</a> by encrypting (locking) data and demanding ransom payments in the <a href="/wiki/Bitcoin" title="Bitcoin">Bitcoin</a> <a href="/wiki/Cryptocurrency" title="Cryptocurrency">cryptocurrency</a>. The worm is also known as WannaCrypt,<a href="#cite_note-microsoftreleases-9">[9]</a> Wana Decrypt0r 2.0,<a href="#cite_note-10">[10]</a> WanaCrypt0r 2.0,<a href="#cite_note-:0-11">[11]</a> and Wanna Decryptor.<a href="#cite_note-auto-12">[12]</a> It is considered a network worm because it also includes a transport mechanism to automatically spread itself. This transport code scans for vulnerable systems, then uses the <a href="/wiki/EternalBlue" title="EternalBlue">EternalBlue</a> exploit to gain access, and the <a href="/wiki/DoublePulsar" title="DoublePulsar">DoublePulsar</a> tool to install and execute a copy of itself.<a href="#cite_note-talos-13">[13]</a> WannaCry versions 0, 1 and 2 were created using <a href="/wiki/Microsoft_Visual_C%2B%2B#vc6" title="Microsoft Visual C++">Microsoft Visual C++ 6.0</a>.<a href="#cite_note-doj-14">[14]</a> EternalBlue is an <a href="/wiki/Exploit_(computer_security)" title="Exploit (computer security)">exploit</a> of Microsoft's implementation of their <a href="/wiki/Server_Message_Block" title="Server Message Block">Server Message Block</a> (SMB) protocol released by <a href="/wiki/The_Shadow_Brokers" title="The Shadow Brokers">The Shadow Brokers</a>. Much of the attention and comment around the event was occasioned by the fact that the U.S. <a href="/wiki/National_Security_Agency" title="National Security Agency">National Security Agency</a> (NSA) (from whom the exploit was likely stolen) had already discovered the vulnerability, but used it to create an exploit for its own <a href="/wiki/National_Security_Agency#Hacking_operations" title="National Security Agency">offensive work</a>, rather than report it to Microsoft.<a href="#cite_note-independent-15">[15]</a><a href="#cite_note-telegraph-16">[16]</a> Microsoft eventually discovered the vulnerability, and on <a href="/wiki/Patch_Tuesday" title="Patch Tuesday">Tuesday</a>, 14 March 2017, they issued security bulletin MS17-010, which detailed the flaw and announced that <a href="/wiki/Security_patch" class="mw-redirect" title="Security patch">patches</a> had been released for all Windows versions that were currently supported at that time, these being <a href="/wiki/Windows_Vista" title="Windows Vista">Windows Vista</a>, <a href="/wiki/Windows_7" title="Windows 7">Windows 7</a>, <a href="/wiki/Windows_8.1" title="Windows 8.1">Windows 8.1</a>, <a href="/wiki/Windows_10" title="Windows 10">Windows 10</a>, <a href="/wiki/Windows_Server_2008" title="Windows Server 2008">Windows Server 2008</a>, <a href="/wiki/Windows_Server_2008_R2" title="Windows Server 2008 R2">Windows Server 2008 R2</a>, <a href="/wiki/Windows_Server_2012" title="Windows Server 2012">Windows Server 2012</a>, and <a href="/wiki/Windows_Server_2016" title="Windows Server 2016">Windows Server 2016</a>.<a href="#cite_note-Ars_Technica-17">[17]</a> DoublePulsar is a <a href="/wiki/Backdoor_(computing)" title="Backdoor (computing)">backdoor</a> tool, also released by <a href="/wiki/The_Shadow_Brokers" title="The Shadow Brokers">The Shadow Brokers</a> on 14 April 2017. Starting from 21 April 2017, security researchers reported that there were tens of thousands of computers with the DoublePulsar backdoor installed.<a href="#cite_note-18">[18]</a> By 25 April, reports estimated that the number of infected computers could be up to several hundred thousand, with numbers increasing every day.<a href="#cite_note-19">[19]</a><a href="#cite_note-20">[20]</a> The WannaCry code can take advantage of any existing DoublePulsar infection, or installs it itself.<a href="#cite_note-talos-13">[13]</a><a href="#cite_note-21">[21]</a><a href="#cite_note-22">[22]</a> On 9 May 2017, private cybersecurity company RiskSense released code on <a href="/wiki/GitHub" title="GitHub">GitHub</a> with the stated purpose of allowing legal <a href="/wiki/White_hat_(computer_security)" title="White hat (computer security)">white hat</a> penetration testers to test the CVE-2017-0144 exploit on unpatched systems.<a href="#cite_note-23">[23]</a> When executed, the WannaCry <a href="/wiki/Malware" title="Malware">malware</a> first checks the <a href="/wiki/Kill_switch#Software" title="Kill switch">kill switch</a> domain name (iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com); if it is not found, then the ransomware <a href="/wiki/Encryption_software" title="Encryption software">encrypts</a> the computer's data,<a href="#cite_note-:1-24">[24]</a><a href="#cite_note-syma-25">[25]</a><a href="#cite_note-26">[26]</a> then attempts to exploit the SMB vulnerability to spread out to random computers on the Internet,<a href="#cite_note-mbytes-27">[27]</a> and laterally to computers on the same network.<a href="#cite_note-mcafee-28">[28]</a> On the local system, the WannaCry executable file extracts and installs binary and configuration files from its resource section. It also hides the extracted directory, modifies security descriptors, creates an encryption key, deletes shadow copies, and so on. As with other modern ransomware, the <a href="/wiki/Payload_(computing)" title="Payload (computing)">payload</a> displays a message informing the user that their files have been encrypted, and demands a payment of around US$300 in <a href="/wiki/Bitcoin" title="Bitcoin">bitcoin</a> within three days, or US$600 within seven days (equivalent to about $370 and $750 in 2023),<a href="#cite_note-syma-25">[25]</a><a href="#cite_note-29">[29]</a> warning that "you have not so enough time. [<a href="/wiki/Sic" title="Sic">sic</a>]" Three <a href="/wiki/Hardcoded" class="mw-redirect" title="Hardcoded">hardcoded</a> bitcoin addresses, or wallets, are used to receive the payments of victims. As with all such wallets, their transactions and balances are publicly accessible even though the <a href="/wiki/Cryptocurrency_wallet" title="Cryptocurrency wallet">cryptocurrency wallet</a> owners remain unknown.<a href="#cite_note-30">[30]</a> Several organizations released detailed technical write-ups of the malware, including a senior security analyst at RiskSense,<a href="#cite_note-31">[31]</a><a href="#cite_note-32">[32]</a> <a href="/wiki/Microsoft" title="Microsoft">Microsoft</a>,<a href="#cite_note-33">[33]</a> <a href="/wiki/Cisco" title="Cisco">Cisco</a>,<a href="#cite_note-talos-13">[13]</a> <a href="/wiki/Malwarebytes" title="Malwarebytes">Malwarebytes</a>,<a href="#cite_note-mbytes-27">[27]</a> <a href="/wiki/NortonLifeLock" class="mw-redirect" title="NortonLifeLock">Symantec</a>, and <a href="/wiki/McAfee" title="McAfee">McAfee</a>.<a href="#cite_note-mcafee-28">[28]</a> <div class="mw-heading mw-heading2"><h2 id="Attack">Attack</h2>[<a href="/w/index.php?title=WannaCry_ransomware_attack&action=edit&section=2" title="Edit section: Attack">edit</a>]</div> The attack began on Friday, 12 May 2017,<a href="#cite_note-naked-34">[34]</a><a href="#cite_note-35">[35]</a> with evidence pointing to an initial infection in Asia at 07:44 UTC.<a href="#cite_note-naked-34">[34]</a><a href="#cite_note-36">[36]</a> The initial infection was likely through an exposed <a href="/wiki/Vulnerability_(computing)" class="mw-redirect" title="Vulnerability (computing)">vulnerable</a> SMB port,<a href="#cite_note-37">[37]</a> rather than <a href="/wiki/Phishing" title="Phishing">email phishing</a> as initially assumed.<a href="#cite_note-naked-34">[34]</a> Within a day the code was reported to have infected more than 230,000 computers in over 150 countries.<a href="#cite_note-:3-38">[38]</a><a href="#cite_note-cnbc1-39">[39]</a> Organizations that had not installed Microsoft's security update from March were affected by the attack.<a href="#cite_note-exploit-40">[40]</a> Those still running <a href="/wiki/End-of-life_(product)" class="mw-redirect" title="End-of-life (product)">unsupported</a> versions of <a href="/wiki/Microsoft_Windows" title="Microsoft Windows">Microsoft Windows</a>, such as <a href="/wiki/Windows_XP" title="Windows XP">Windows XP</a> and <a href="/wiki/Windows_Server_2003" title="Windows Server 2003">Windows Server 2003</a><a href="#cite_note-vicexp-41">[41]</a><a href="#cite_note-unsupported-42">[42]</a> were at particularly high risk because no security patches had been released since April 2014 for Windows XP and July 2015 for Windows Server 2003.<a href="#cite_note-microsoftreleases-9">[9]</a> A <a href="/wiki/Kaspersky_Lab" title="Kaspersky Lab">Kaspersky Lab</a> study reported, however, that less than 0.1 percent of the affected computers were running Windows XP, and that 98 percent of the affected computers were running Windows 7.<a href="#cite_note-microsoftreleases-9">[9]</a><a href="#cite_note-:2-43">[43]</a> In a controlled testing environment, the cybersecurity firm Kryptos Logic found that it was unable to infect a Windows XP system with WannaCry using just the exploits, as the payload failed to load, or caused the operating system to crash rather than actually execute and encrypt files. However, when executed manually, WannaCry could still operate on Windows XP.<a href="#cite_note-verge-xpimpact-44">[44]</a><a href="#cite_note-kl-twoweekslater-45">[45]</a><a href="#cite_note-46">[46]</a> <div class="mw-heading mw-heading3"><h3 id="Defensive_response">Defensive response</h3>[<a href="/w/index.php?title=WannaCry_ransomware_attack&action=edit&section=3" title="Edit section: Defensive response">edit</a>]</div> Experts quickly advised affected users against paying the ransom due to no reports of people getting their data back after payment and as high revenues would encourage more of such campaigns.<a href="#cite_note-NS-47">[47]</a><a href="#cite_note-BBC-48">[48]</a><a href="#cite_note-49">[49]</a> As of 14 June 2017, after the attack had subsided, a total of 327 payments totaling US$130,634.77 (51.62396539 BTC) had been transferred.<a href="#cite_note-50">[50]</a> The day after the initial attack in May, Microsoft released out-of-band security updates for end-of-life products <a href="/wiki/Windows_XP" title="Windows XP">Windows XP</a>, <a href="/wiki/Windows_Server_2003" title="Windows Server 2003">Windows Server 2003</a> and <a href="/wiki/Windows_8" title="Windows 8">Windows 8</a>; these patches had been created in February, but were previously only available to those who paid for a custom support plan.<a href="#cite_note-unsupported-42">[42]</a><a href="#cite_note-51">[51]</a> Organizations were advised to patch Windows and plug the vulnerability in order to protect themselves from the cyber attack.[<a href="/wiki/Wikipedia:Citation_needed" title="Wikipedia:Citation needed">citation needed</a>] The head of Microsoft's Cyber Defense Operations Center, Adrienne Hall, said that "Due to the elevated risk for destructive cyber-attacks at this time, we made the decision to take this action because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt [alternative name to WannaCry]".<a href="#cite_note-52">[52]</a><a href="#cite_note-53">[53]</a> Researcher <a href="/wiki/Marcus_Hutchins" title="Marcus Hutchins">Marcus Hutchins</a><a href="#cite_note-54">[54]</a><a href="#cite_note-MalwareTech-55">[55]</a> discovered the kill switch domain <a href="/wiki/Hardcoded" class="mw-redirect" title="Hardcoded">hardcoded</a> in the malware.<a href="#cite_note-56">[56]</a><a href="#cite_note-57">[57]</a><a href="#cite_note-58">[58]</a> Registering a <a href="/wiki/Domain_name" title="Domain name">domain name</a> for a <a href="/wiki/DNS_sinkhole" title="DNS sinkhole">DNS sinkhole</a> stopped the attack spreading as a worm, because the ransomware only encrypted the computer's files if it was unable to connect to that domain, which all computers infected with WannaCry before the website's registration had been unable to do. While this did not help already infected systems, it severely slowed the spread of the initial infection and gave time for defensive measures to be deployed worldwide, particularly in North America and Asia, which had not been attacked to the same extent as elsewhere.<a href="#cite_note-59">[59]</a><a href="#cite_note-60">[60]</a><a href="#cite_note-61">[61]</a><a href="#cite_note-62">[62]</a><a href="#cite_note-63">[63]</a> On 14 May, a first variant of WannaCry appeared with a new and second<a href="#cite_note-64">[64]</a> kill-switch registered by <a href="/wiki/Matt_Suiche" title="Matt Suiche">Matt Suiche</a> on the same day. This was followed by a second variant with the third and last kill-switch on 15 May, which was registered by <a href="/wiki/Check_Point" title="Check Point">Check Point</a> threat intelligence analysts.<a href="#cite_note-65">[65]</a><a href="#cite_note-66">[66]</a> A few days later, a new version of WannaCry was detected that lacked the kill switch altogether.<a href="#cite_note-spiegel1-67">[67]</a><a href="#cite_note-68">[68]</a><a href="#cite_note-69">[69]</a><a href="#cite_note-70">[70]</a> On 19 May, it was reported that hackers were trying to use a <a href="/wiki/Mirai_(malware)" title="Mirai (malware)">Mirai</a> botnet variant to effect a <a href="/wiki/Distributed_denial-of-service_attack" class="mw-redirect" title="Distributed denial-of-service attack">distributed denial-of-service attack</a> on WannaCry's kill-switch domain with the intention of knocking it offline.<a href="#cite_note-71">[71]</a> On 22 May, Hutchins protected the domain by switching to a cached version of the site, capable of dealing with much higher traffic loads than the live site.<a href="#cite_note-72">[72]</a> Separately, researchers from <a href="/wiki/University_College_London" title="University College London">University College London</a> and <a href="/wiki/Boston_University" title="Boston University">Boston University</a> reported that their PayBreak system could defeat WannaCry and several other families of ransomware by recovering the keys used to encrypt the user's data.<a href="#cite_note-73">[73]</a><a href="#cite_note-74">[74]</a> It was discovered that Windows encryption APIs used by WannaCry may not completely clear the <a href="/wiki/Prime_number" title="Prime number">prime numbers</a> used to generate the payload's private keys from the memory, making it potentially possible to retrieve the required key if they had not yet been overwritten or cleared from resident memory. The key is kept in the memory if the WannaCry process has not been killed and the computer has not been rebooted after being infected.<a href="#cite_note-75">[75]</a> This behaviour was used by a French researcher to develop a tool known as WannaKey, which automates this process on Windows XP systems.<a href="#cite_note-zdnet-xpwannakey-76">[76]</a><a href="#cite_note-ars-wannakey-77">[77]</a><a href="#cite_note-78">[78]</a> This approach was iterated upon by a second tool known as Wanakiwi, which was tested to work on Windows 7 and Server 2008 R2 as well.<a href="#cite_note-ars-wanakiwi-79">[79]</a> Within four days of the initial outbreak, new infections had slowed to a trickle due to these responses.<a href="#cite_note-Volz-80">[80]</a> <div class="mw-heading mw-heading2"><h2 id="Attribution">Attribution</h2>[<a href="/w/index.php?title=WannaCry_ransomware_attack&action=edit&section=4" title="Edit section: Attribution">edit</a>]</div> Linguistic analysis of the ransom notes indicated the authors were likely fluent in Chinese and proficient in English, as the versions of the notes in those languages were probably human-written while the rest seemed to be <a href="/wiki/Machine_translation" title="Machine translation">machine-translated</a>.<a href="#cite_note-register-language-81">[81]</a><a href="#cite_note-82">[82]</a> According to an analysis by the FBI's Cyber Behavioral Analysis Center, the computer that created the ransomware language files had <a href="/wiki/Hangul" title="Hangul">Hangul</a> language fonts installed, as evidenced by the presence of the "\fcharset129" <a href="/wiki/Rich_Text_Format" title="Rich Text Format">Rich Text Format</a> tag.<a href="#cite_note-doj-14">[14]</a> Metadata in the language files also indicated that the computers that created the ransomware were set to <a href="/wiki/UTC%2B09:00" title="UTC+09:00">UTC+09:00</a>, which is used in <a href="/wiki/Korea" title="Korea">Korea</a>.<a href="#cite_note-doj-14">[14]</a> A security researcher<a href="#cite_note-83">[83]</a><a href="#cite_note-84">[84]</a> initially posted a tweet<a href="#cite_note-85">[85]</a> referencing code similarities between WannaCry and previous malware. The cybersecurity companies<a href="#cite_note-86">[86]</a> <a href="/wiki/Kaspersky_Lab" title="Kaspersky Lab">Kaspersky Lab</a> and <a href="/wiki/NortonLifeLock" class="mw-redirect" title="NortonLifeLock">Symantec</a> have both said the code has some similarities with that previously used by the <a href="/wiki/Lazarus_Group" title="Lazarus Group">Lazarus Group</a><a href="#cite_note-attrib-1-87">[87]</a> (believed to have carried out <a href="/wiki/Sony_Pictures_hack" class="mw-redirect" title="Sony Pictures hack">the cyberattack on Sony Pictures</a> in 2014 and <a href="/wiki/Bangladesh_Bank_heist" class="mw-redirect" title="Bangladesh Bank heist">a Bangladesh bank heist</a> in 2016—and linked to <a href="/wiki/North_Korea" title="North Korea">North Korea</a>).<a href="#cite_note-attrib-1-87">[87]</a> This could also be either simple re-use of code by another group<a href="#cite_note-88">[88]</a> or an attempt to shift blame—as in a <a href="/wiki/Cyber_false_flag" class="mw-redirect" title="Cyber false flag">cyber false flag</a> operation;<a href="#cite_note-attrib-1-87">[87]</a> but a leaked internal NSA memo is alleged to have also linked the creation of the worm to North Korea.<a href="#cite_note-washpo-nsa-dprk-89">[89]</a> <a href="/wiki/Brad_Smith_(American_lawyer)" title="Brad Smith (American lawyer)">Brad Smith</a>, the president of Microsoft, said he believed North Korea was the originator of the WannaCry attack,<a href="#cite_note-90">[90]</a> and the UK's National Cyber Security Centre reached the same conclusion.<a href="#cite_note-91">[91]</a> On 18 December 2017, the <a href="/wiki/United_States_Government" class="mw-redirect" title="United States Government">United States Government</a> formally announced that it publicly considers North Korea to be the main culprit behind the WannaCry attack.<a href="#cite_note-92">[92]</a> Then-<a href="/wiki/U.S._President" class="mw-redirect" title="U.S. President">President</a> <a href="/wiki/Donald_Trump" title="Donald Trump">Trump</a>'s <a href="/wiki/Homeland_Security_Advisor" title="Homeland Security Advisor">Homeland Security Advisor</a>, <a href="/wiki/Tom_Bossert" title="Tom Bossert">Tom Bossert</a>, wrote an <a href="/wiki/Op-ed" title="Op-ed">op-ed</a> in <a href="/wiki/The_Wall_Street_Journal" title="The Wall Street Journal">The Wall Street Journal</a> about this charge, saying "We do not make this allegation lightly. It is based on evidence."<a href="#cite_note-93">[93]</a> In a press conference the following day, Bossert said that the evidence indicates that <a href="/wiki/Kim_Jong-un" class="mw-redirect" title="Kim Jong-un">Kim Jong-un</a> had given the order to launch the malware attack.<a href="#cite_note-94">[94]</a> Bossert said that Canada, New Zealand and Japan agree with the United States' assessment of the evidence that links the attack to North Korea,<a href="#cite_note-95">[95]</a> while the United Kingdom's <a href="/wiki/Foreign_and_Commonwealth_Office" class="mw-redirect" title="Foreign and Commonwealth Office">Foreign and Commonwealth Office</a> says it also stands behind the United States' assertion.<a href="#cite_note-96">[96]</a> North Korea, however, denied being responsible for the cyberattack.<a href="#cite_note-97">[97]</a><a href="#cite_note-98">[98]</a> On 6 September 2018, the U.S. Department of Justice (DoJ) announced formal charges against <a href="/wiki/Park_Jin_Hyok" title="Park Jin Hyok">Park Jin-hyok</a> for involvement in the <a href="/wiki/Sony_Pictures_hack" class="mw-redirect" title="Sony Pictures hack">Sony Pictures hack</a> of 2014. The DoJ contended that Park was a North Korean hacker working as part of a team of experts for the North Korean <a href="/wiki/Reconnaissance_General_Bureau" title="Reconnaissance General Bureau">Reconnaissance General Bureau</a>. The Department of Justice asserted this team also had been involved in the WannaCry attack, among other activities.<a href="#cite_note-99">[99]</a><a href="#cite_note-100">[100]</a> <div class="mw-heading mw-heading2"><h2 id="Impact">Impact</h2>[<a href="/w/index.php?title=WannaCry_ransomware_attack&action=edit&section=5" title="Edit section: Impact">edit</a>]</div> <figure typeof="mw:File/Thumb"><a href="/wiki/File:Countries_initially_affected_in_WannaCry_ransomware_attack.svg" class="mw-file-description"><img alt="" src="//upload.wikimedia.org/wikipedia/commons/thumb/2/20/Countries_initially_affected_in_WannaCry_ransomware_attack.svg/300px-Countries_initially_affected_in_WannaCry_ransomware_attack.svg.png" decoding="async" width="300" height="154" class="mw-file-element" srcset="//upload.wikimedia.org/wikipedia/commons/thumb/2/20/Countries_initially_affected_in_WannaCry_ransomware_attack.svg/450px-Countries_initially_affected_in_WannaCry_ransomware_attack.svg.png 1.5x, //upload.wikimedia.org/wikipedia/commons/thumb/2/20/Countries_initially_affected_in_WannaCry_ransomware_attack.svg/600px-Countries_initially_affected_in_WannaCry_ransomware_attack.svg.png 2x" data-file-width="1104" data-file-height="566" /></a><figcaption>Map of the countries initially affected<a href="#cite_note-101">[101]</a></figcaption></figure> The ransomware campaign was unprecedented in scale according to <a href="/wiki/Europol" title="Europol">Europol</a>,<a href="#cite_note-:3-38">[38]</a> which estimates that around 200,000 computers were infected across 150 countries. According to <a href="/wiki/Kaspersky_Lab" title="Kaspersky Lab">Kaspersky Lab</a>, the four most affected countries were <a href="/wiki/Russia" title="Russia">Russia</a>, <a href="/wiki/Ukraine" title="Ukraine">Ukraine</a>, <a href="/wiki/India" title="India">India</a> and <a href="/wiki/Taiwan" title="Taiwan">Taiwan</a>.<a href="#cite_note-Jones-102">[102]</a> One of the largest agencies struck by the attack was the <a href="/wiki/National_Health_Service" title="National Health Service">National Health Service</a> hospitals in England and Scotland,<a href="#cite_note-103">[103]</a><a href="#cite_note-104">[104]</a> and up to 70,000 devices—including computers, <a href="/wiki/Magnetic_resonance_imaging" title="Magnetic resonance imaging">MRI scanners</a>, blood-storage refrigerators and theatre equipment—may have been affected.<a href="#cite_note-14MaySunTim-105">[105]</a> On 12 May, some NHS services had to turn away non-critical emergencies, and some ambulances were diverted.<a href="#cite_note-BBC_news-106">[106]</a><a href="#cite_note-global-cyber-attack-ransomware-nsa-uk-nhs-107">[107]</a> In 2016, thousands of computers in 42 separate <a href="/wiki/NHS_trust" title="NHS trust">NHS trusts</a> in England were reported to be still running Windows XP.<a href="#cite_note-vicexp-41">[41]</a> In 2018 a report by Members of Parliament concluded that all 200 NHS hospitals or other organisations checked in the wake of the WannaCry attack still failed cybersecurity checks.<a href="#cite_note-108">[108]</a><a href="#cite_note-109">[109]</a> NHS hospitals in Wales and Northern Ireland were unaffected by the attack.<a href="#cite_note-BBC_news-106">[106]</a><a href="#cite_note-guardian-nhs-110">[110]</a> <a href="/wiki/Nissan_Motor_Manufacturing_UK" title="Nissan Motor Manufacturing UK">Nissan Motor Manufacturing UK</a> in <a href="/wiki/Tyne_and_Wear" title="Tyne and Wear">Tyne and Wear</a>, England, halted production after the ransomware infected some of their systems. <a href="/wiki/Renault" title="Renault">Renault</a> also stopped production at several sites in an attempt to stop the spread of the ransomware.<a href="#cite_note-111">[111]</a><a href="#cite_note-112">[112]</a> Spain's <a href="/wiki/Telef%C3%B3nica" title="Telefónica">Telefónica</a>, <a href="/wiki/FedEx" title="FedEx">FedEx</a> and <a href="/wiki/Deutsche_Bahn" title="Deutsche Bahn">Deutsche Bahn</a> were hit, along with many other countries and companies worldwide.<a href="#cite_note-cnn99countries-113">[113]</a><a href="#cite_note-verge1-114">[114]</a><a href="#cite_note-115">[115]</a> The attack's impact is said to be relatively low compared to other potential attacks of the same type and could have been much worse had Hutchins not discovered that a kill switch had been built in by its creators<a href="#cite_note-chica1-116">[116]</a><a href="#cite_note-guard1-117">[117]</a> or if it had been specifically targeted on highly <a href="/wiki/Critical_infrastructure" title="Critical infrastructure">critical infrastructure</a>, like <a href="/wiki/Nuclear_safety_and_security" title="Nuclear safety and security">nuclear power plants</a>, dams or railway systems.<a href="#cite_note-118">[118]</a><a href="#cite_note-119">[119]</a> According to cyber-risk-modeling firm Cyence, economic losses from the cyber attack could reach up to US$4 billion, with other groups estimating the losses to be in the hundreds of millions.<a href="#cite_note-120">[120]</a> <div class="mw-heading mw-heading3"><h3 id="Affected_organisations">Affected organisations</h3>[<a href="/w/index.php?title=WannaCry_ransomware_attack&action=edit&section=6" title="Edit section: Affected organisations">edit</a>]</div> The following is an alphabetical list of organisations confirmed to have been affected: <style data-mw-deduplicate="TemplateStyles:r1184024115">.mw-parser-output .div-col{margin-top:0.3em;column-width:30em}.mw-parser-output .div-col-small{font-size:90%}.mw-parser-output .div-col-rules{column-rule:1px solid #aaa}.mw-parser-output .div-col dl,.mw-parser-output .div-col ol,.mw-parser-output .div-col ul{margin-top:0}.mw-parser-output .div-col li,.mw-parser-output .div-col dd{page-break-inside:avoid;break-inside:avoid-column}</style><div class="div-col" style="column-width: 20em;"> <ul><li><a href="/wiki/Andhra_Pradesh_Police" title="Andhra Pradesh Police">Andhra Pradesh Police</a>, India<a href="#cite_note-121">[121]</a></li> <li><a href="/wiki/Aristotle_University_of_Thessaloniki" title="Aristotle University of Thessaloniki">Aristotle University of Thessaloniki</a>, Greece<a href="#cite_note-122">[122]</a><a href="#cite_note-123">[123]</a></li> <li><a href="/wiki/Automobile_Dacia" title="Automobile Dacia">Automobile Dacia</a>, Romania<a href="#cite_note-124">[124]</a></li> <li><a href="/wiki/Boeing_Commercial_Airplanes" title="Boeing Commercial Airplanes">Boeing Commercial Airplanes</a><a href="#cite_note-125">[125]</a></li> <li><a href="/wiki/Cambrian_College" title="Cambrian College">Cambrian College</a>, Canada<a href="#cite_note-126">[126]</a></li> <li><a href="/wiki/Chinese_public_security_bureau" class="mw-redirect" title="Chinese public security bureau">Chinese public security bureau</a><a href="#cite_note-scmp-127">[127]</a></li> <li><a href="/wiki/CJ_CGV" title="CJ CGV">CJ CGV</a> (a cinema chain)<a href="#cite_note-128">[128]</a></li> <li><a href="/wiki/Dalian_Maritime_University" title="Dalian Maritime University">Dalian Maritime University</a><a href="#cite_note-Cina-129">[129]</a></li> <li><a href="/wiki/Deutsche_Bahn" title="Deutsche Bahn">Deutsche Bahn</a><a href="#cite_note-130">[130]</a></li> <li><a href="/wiki/Dharmais_Hospital" title="Dharmais Hospital">Dharmais Hospital</a>, Indonesia<a href="#cite_note-misc-131">[131]</a></li> <li><a href="/wiki/Faculty_Hospital,_Nitra" title="Faculty Hospital, Nitra">Faculty Hospital, Nitra</a>, Slovakia<a href="#cite_note-nitra-132">[132]</a></li> <li><a href="/wiki/FedEx" title="FedEx">FedEx</a><a href="#cite_note-133">[133]</a></li> <li>Garena Blade and Soul<a href="#cite_note-134">[134]</a></li> <li><a href="/wiki/Guilin_University_of_Aerospace_Technology" title="Guilin University of Aerospace Technology">Guilin University of Aerospace Technology</a><a href="#cite_note-Cina-129">[129]</a></li> <li><a href="/wiki/Guilin_University_of_Electronic_Technology" title="Guilin University of Electronic Technology">Guilin University of Electronic Technology</a><a href="#cite_note-Cina-129">[129]</a></li> <li>Harapan Kita Hospital, Indonesia<a href="#cite_note-misc-131">[131]</a></li> <li>Hezhou University<a href="#cite_note-Cina-129">[129]</a></li> <li><a href="/wiki/Hitachi" title="Hitachi">Hitachi</a><a href="#cite_note-135">[135]</a></li> <li><a href="/wiki/Honda" title="Honda">Honda</a><a href="#cite_note-136">[136]</a></li> <li>Instituto Nacional de Salud, <a href="/wiki/Colombia" title="Colombia">Colombia</a><a href="#cite_note-137">[137]</a></li> <li><a href="/wiki/Lakeridge_Health" title="Lakeridge Health">Lakeridge Health</a>, <a href="/wiki/Canada" title="Canada">Canada</a><a href="#cite_note-138">[138]</a></li> <li>LAKS, Netherlands<a href="#cite_note-139">[139]</a></li> <li><a href="/wiki/LATAM_Airlines_Group" title="LATAM Airlines Group">LATAM Airlines Group</a><a href="#cite_note-140">[140]</a></li> <li><a href="/wiki/MegaFon" title="MegaFon">MegaFon</a><a href="#cite_note-141">[141]</a></li> <li><a href="/wiki/Ministry_of_Internal_Affairs_of_the_Russian_Federation" class="mw-redirect" title="Ministry of Internal Affairs of the Russian Federation">Ministry of Internal Affairs of the Russian Federation</a><a href="#cite_note-142">[142]</a></li> <li><a href="/wiki/National_Health_Service_(England)" title="National Health Service (England)">National Health Service (England)</a><a href="#cite_note-BBC_news-106">[106]</a><a href="#cite_note-guardian-nhs-110">[110]</a><a href="#cite_note-uk-143">[143]</a></li> <li><a href="/wiki/NHS_Scotland" title="NHS Scotland">NHS Scotland</a><a href="#cite_note-BBC_news-106">[106]</a><a href="#cite_note-guardian-nhs-110">[110]</a></li> <li><a href="/wiki/Nissan_Motor_Manufacturing_UK" title="Nissan Motor Manufacturing UK">Nissan Motor Manufacturing UK</a><a href="#cite_note-uk-143">[143]</a></li> <li><a href="/wiki/Telef%C3%B3nica_Europe" class="mw-redirect" title="Telefónica Europe">O2</a>, Germany<a href="#cite_note-144">[144]</a><a href="#cite_note-145">[145]</a></li> <li><a href="/wiki/Petrobr%C3%A1s" class="mw-redirect" title="Petrobrás">Petrobrás</a><a href="#cite_note-auto1-146">[146]</a></li> <li><a href="/wiki/PetroChina" title="PetroChina">PetroChina</a><a href="#cite_note-cnn99countries-113">[113]</a><a href="#cite_note-scmp-127">[127]</a></li> <li><a href="/wiki/Portugal_Telecom" class="mw-redirect" title="Portugal Telecom">Portugal Telecom</a><a href="#cite_note-147">[147]</a></li> <li><a href="/wiki/Pulse_FM" class="mw-redirect" title="Pulse FM">Pulse FM</a><a href="#cite_note-148">[148]</a></li> <li><a href="/wiki/Q-Park" title="Q-Park">Q-Park</a><a href="#cite_note-149">[149]</a></li> <li><a href="/wiki/Renault" title="Renault">Renault</a><a href="#cite_note-150">[150]</a></li> <li><a href="/wiki/Russian_Railways" title="Russian Railways">Russian Railways</a><a href="#cite_note-151">[151]</a></li> <li><a href="/wiki/Sandvik" title="Sandvik">Sandvik</a><a href="#cite_note-misc-131">[131]</a></li> <li><a href="/wiki/Justice_Court_of_S%C3%A3o_Paulo" class="mw-redirect" title="Justice Court of São Paulo">Justice Court of São Paulo</a><a href="#cite_note-auto1-146">[146]</a></li> <li><a href="/wiki/Sberbank" title="Sberbank">Sberbank</a><a href="#cite_note-vidal-152">[152]</a></li> <li><a href="/wiki/Shandong_University" title="Shandong University">Shandong University</a><a href="#cite_note-Cina-129">[129]</a></li> <li>State Governments of India <ul><li><a href="/wiki/Government_of_Gujarat" title="Government of Gujarat">Government of Gujarat</a><a href="#cite_note-auto2-153">[153]</a></li> <li><a href="/wiki/Government_of_Kerala" title="Government of Kerala">Government of Kerala</a><a href="#cite_note-auto2-153">[153]</a></li> <li><a href="/wiki/Government_of_Maharashtra" title="Government of Maharashtra">Government of Maharashtra</a><a href="#cite_note-154">[154]</a></li> <li><a href="/wiki/Government_of_West_Bengal" title="Government of West Bengal">Government of West Bengal</a><a href="#cite_note-auto2-153">[153]</a></li></ul></li> <li>Suzhou Vehicle Administration<a href="#cite_note-Cina-129">[129]</a></li> <li><a href="/wiki/Sun_Yat-sen_University" title="Sun Yat-sen University">Sun Yat-sen University</a>, China<a href="#cite_note-misc-131">[131]</a></li> <li><a href="/wiki/Telef%C3%B3nica" title="Telefónica">Telefónica</a>, Spain<a href="#cite_note-spain-155">[155]</a></li> <li><a href="/wiki/Telenor_Hungary" class="mw-redirect" title="Telenor Hungary">Telenor Hungary</a>, Hungary<a href="#cite_note-156">[156]</a></li> <li><a href="/wiki/Telkom_(South_Africa)" title="Telkom (South Africa)">Telkom (South Africa)</a><a href="#cite_note-157">[157]</a></li> <li><a href="/wiki/Timr%C3%A5_Municipality" title="Timrå Municipality">Timrå Municipality</a>, Sweden<a href="#cite_note-158">[158]</a></li> <li><a href="/wiki/TSMC" title="TSMC">TSMC</a>, Taiwan<a href="#cite_note-159">[159]</a></li> <li><a href="/wiki/Universitas_Jember" class="mw-redirect" title="Universitas Jember">Universitas Jember</a>, Indonesia<a href="#cite_note-160">[160]</a></li> <li><a href="/wiki/University_of_Milano-Bicocca" title="University of Milano-Bicocca">University of Milano-Bicocca</a>, Italy<a href="#cite_note-161">[161]</a></li> <li><a href="/wiki/University_of_Montreal" class="mw-redirect" title="University of Montreal">University of Montreal</a>, Canada<a href="#cite_note-162">[162]</a></li> <li><a href="/wiki/Vivo_(telecommunications)" class="mw-redirect" title="Vivo (telecommunications)">Vivo</a>, Brazil<a href="#cite_note-auto1-146">[146]</a></li></ul></div> <div class="mw-heading mw-heading2"><h2 id="Reactions">Reactions</h2>[<a href="/w/index.php?title=WannaCry_ransomware_attack&action=edit&section=7" title="Edit section: Reactions">edit</a>]</div> A number of experts highlighted the <a href="/wiki/NSA" class="mw-redirect" title="NSA">NSA</a>'s non-disclosure of the underlying vulnerability, and their loss of control over the EternalBlue attack tool that exploited it. <a href="/wiki/Edward_Snowden" title="Edward Snowden">Edward Snowden</a> said that if the NSA had "<a href="/wiki/Responsible_disclosure" class="mw-redirect" title="Responsible disclosure">privately disclosed</a> the flaw used to attack hospitals when they found it, not when they lost it, the attack may not have happened".<a href="#cite_note-global-cyber-attack-ransomware-nsa-uk-nhs-107">[107]</a> British cybersecurity expert <a href="/wiki/Graham_Cluley" title="Graham Cluley">Graham Cluley</a> also sees "some culpability on the part of the U.S. intelligence services". According to him and others "they could have done something ages ago to get this problem fixed, and they didn't do it". He also said that despite obvious uses for such tools <a href="/wiki/Targeted_surveillance" title="Targeted surveillance">to spy on people of interest</a>, they have a duty to protect their countries' citizens.<a href="#cite_note-163">[163]</a> Others have also commented that this attack shows that the practice of intelligence agencies to stockpile exploits for offensive purposes rather than disclosing them for defensive purposes may be problematic.<a href="#cite_note-guard1-117">[117]</a> Microsoft president and chief legal officer <a href="/wiki/Brad_Smith_(American_lawyer)" title="Brad Smith (American lawyer)">Brad Smith</a> wrote, "Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its <a href="/wiki/Tomahawk_(missile_family)" title="Tomahawk (missile family)">Tomahawk</a> missiles stolen."<a href="#cite_note-164">[164]</a><a href="#cite_note-165">[165]</a><a href="#cite_note-166">[166]</a> Russian President <a href="/wiki/Vladimir_Putin" title="Vladimir Putin">Vladimir Putin</a> placed the responsibility of the attack on U.S. intelligence services for having created EternalBlue.<a href="#cite_note-vidal-152">[152]</a> On 17 May 2017, United States bipartisan lawmakers introduced the PATCH Act<a href="#cite_note-167">[167]</a> that aims to have exploits reviewed by an independent board to "balance the need to disclose vulnerabilities with other national security interests while increasing transparency and accountability to maintain public trust in the process".<a href="#cite_note-168">[168]</a> On 15 June 2017, the United States Congress was to hold a hearing on the attack.<a href="#cite_note-thehill.com-169">[169]</a> Two subpanels of the House Science Committee were to hear the testimonies from various individuals working in the government and non-governmental sector about how the U.S. can improve its protection mechanisms for its systems against similar attacks in the future.<a href="#cite_note-thehill.com-169">[169]</a> <a href="/wiki/Marcus_Hutchins" title="Marcus Hutchins">Marcus Hutchins</a>, a cybersecurity researcher, working in loose collaboration with UK's <a href="/wiki/National_Cyber_Security_Centre_(United_Kingdom)" title="National Cyber Security Centre (United Kingdom)">National Cyber Security Centre</a>,<a href="#cite_note-170">[170]</a><a href="#cite_note-sky1-171">[171]</a> researched the malware and discovered a "kill switch".<a href="#cite_note-MalwareTech-55">[55]</a> Later globally dispersed security researchers <a href="/wiki/Collaboration#Technology" title="Collaboration">collaborated online</a> to <a href="/wiki/Civic_hacking" class="mw-redirect" title="Civic hacking">develop</a> <a href="/wiki/Open-source_software" title="Open-source software">open-source</a> tools<a href="#cite_note-wanakiwi-172">[172]</a><a href="#cite_note-173">[173]</a> that allow for decryption without payment under some circumstances.<a href="#cite_note-reuters1-174">[174]</a> Snowden states that when "<a href="/wiki/NSA" class="mw-redirect" title="NSA">NSA</a>-enabled ransomware eats the Internet, help comes from researchers, not spy agencies" and asks why this is the case.<a href="#cite_note-sky1-171">[171]</a><a href="#cite_note-175">[175]</a><a href="#cite_note-176">[176]</a> <a href="/wiki/Adam_Segal" title="Adam Segal">Adam Segal</a>, director of the digital and cyberspace policy program at the <a href="/wiki/Council_on_Foreign_Relations" title="Council on Foreign Relations">Council on Foreign Relations</a>, stated that "the patching and updating systems are broken, basically, in the private sector and in government agencies".<a href="#cite_note-guard1-117">[117]</a> In addition, Segal said that governments' apparent inability to secure vulnerabilities "opens a lot of questions about backdoors and access to encryption that the government argues it needs from the private sector for security".<a href="#cite_note-guard1-117">[117]</a> <a href="/wiki/Arne_Sch%C3%B6nbohm" title="Arne Schönbohm">Arne Schönbohm</a>, president of Germany's <a href="/wiki/Federal_Office_for_Information_Security" title="Federal Office for Information Security">Federal Office for Information Security</a> (BSI), stated that "the current attacks show how vulnerable our <a href="/wiki/Digital_society" class="mw-redirect" title="Digital society">digital society</a> is. It's a wake-up call for companies to finally take IT security [seriously]".<a href="#cite_note-hei-177">[177]</a> <div class="mw-heading mw-heading3"><h3 id="United_Kingdom">United Kingdom</h3>[<a href="/w/index.php?title=WannaCry_ransomware_attack&action=edit&section=8" title="Edit section: United Kingdom">edit</a>]</div> The effects of the attack also had political implications; in the <a href="/wiki/United_Kingdom" title="United Kingdom">United Kingdom</a>, the impact on the <a href="/wiki/National_Health_Service" title="National Health Service">National Health Service</a> quickly became political, with claims that the effects were exacerbated by government underfunding of the NHS; in particular, the NHS ceased its paid Custom Support arrangement to continue receiving support for unsupported Microsoft software used within the organization, including Windows XP.<a href="#cite_note-178">[178]</a> <a href="/wiki/Home_Secretary" title="Home Secretary">Home Secretary</a> <a href="/wiki/Amber_Rudd" title="Amber Rudd">Amber Rudd</a> refused to say whether patient data had been <a href="/wiki/Backup" title="Backup">backed up</a>, and <a href="/wiki/Shadow_Health_Secretary" class="mw-redirect" title="Shadow Health Secretary">Shadow Health Secretary</a> <a href="/wiki/Jon_Ashworth" class="mw-redirect" title="Jon Ashworth">Jon Ashworth</a> accused <a href="/wiki/Secretary_of_State_for_Health" class="mw-redirect" title="Secretary of State for Health">Health Secretary</a> <a href="/wiki/Jeremy_Hunt" title="Jeremy Hunt">Jeremy Hunt</a> of refusing to act on a critical note from Microsoft, the <a href="/wiki/National_Cyber_Security_Centre_(United_Kingdom)" title="National Cyber Security Centre (United Kingdom)">National Cyber Security Centre</a> (NCSC) and the <a href="/wiki/National_Crime_Agency" title="National Crime Agency">National Crime Agency</a> that had been received two months previously.<a href="#cite_note-179">[179]</a> Others argued that hardware and software vendors often fail to account for future security flaws, selling systems that—due to their technical design and market incentives—eventually won't be able to properly receive and apply patches.<a href="#cite_note-180">[180]</a> The NHS denied that it was still using XP, claiming only 4.7% of devices within the organization ran Windows XP.<a href="#cite_note-verge-xpimpact-44">[44]</a><a href="#cite_note-nhs-noxp-181">[181]</a> The cost of the attack to the NHS was estimated as £92 million in disruption to services and IT upgrades.<a href="#cite_note-182">[182]</a> After the attack, <a href="/wiki/NHS_Digital" title="NHS Digital">NHS Digital</a> refused to finance the estimated £1 billion to meet the <a href="/wiki/Cyber_Essentials#Assurance_framework" title="Cyber Essentials">Cyber Essentials Plus</a> standard, an <a href="/wiki/Information_security" title="Information security">information security</a> certification organized by the UK NCSC, saying this would not constitute "value for money", and that it had invested over £60 million and planned "to spend a further £150 [million] over the next two years" to address key cyber security weaknesses.<a href="#cite_note-183">[183]</a> <div class="mw-heading mw-heading2"><h2 id="See_also">See also</h2>[<a href="/w/index.php?title=WannaCry_ransomware_attack&action=edit&section=9" title="Edit section: See also">edit</a>]</div> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1184024115"><div class="div-col" style="column-width: 20em;"> <ul><li><a href="/wiki/BlueKeep_(security_vulnerability)" class="mw-redirect" title="BlueKeep (security vulnerability)">BlueKeep (security vulnerability)</a></li> <li><a href="/wiki/Computer_security#Medical_systems" title="Computer security">Computer security § Medical systems</a></li> <li><a href="/wiki/Comparison_of_computer_viruses" title="Comparison of computer viruses">Comparison of computer viruses</a></li> <li><a href="/wiki/Conficker" title="Conficker">Conficker</a></li> <li><a href="/wiki/CryptoLocker" title="CryptoLocker">CryptoLocker</a></li> <li><a href="/wiki/Cyber_self-defense" class="mw-redirect" title="Cyber self-defense">Cyber self-defense</a></li> <li><a href="/wiki/Cyberweapon#Control" title="Cyberweapon">Cyberweapon § Control</a></li> <li><a href="/wiki/Health_Service_Executive_cyberattack" class="mw-redirect" title="Health Service Executive cyberattack">Health Service Executive cyberattack</a></li> <li><a href="/wiki/International_Multilateral_Partnership_Against_Cyber_Threats" title="International Multilateral Partnership Against Cyber Threats">International Multilateral Partnership Against Cyber Threats</a></li> <li><a href="/wiki/Proactive_cyber_defence#Measures" title="Proactive cyber defence">Proactive cyber defence § Measures</a></li> <li><a href="/wiki/Security_engineering" title="Security engineering">Security engineering</a></li> <li><a href="/wiki/Software_versioning" title="Software versioning">Software versioning</a></li> <li><a href="/wiki/SQL_Slammer" title="SQL Slammer">SQL Slammer</a></li> <li><a href="/wiki/Timeline_of_computer_viruses_and_worms" title="Timeline of computer viruses and worms">Timeline of computer viruses and worms</a></li> <li><a href="/wiki/Vault_7" title="Vault 7">Vault 7</a></li> <li><a href="/wiki/Windows_Update" title="Windows Update">Windows Update</a></li> <li><a href="/wiki/2016_Dyn_cyberattack" class="mw-redirect" title="2016 Dyn cyberattack">2016 Dyn cyberattack</a></li> <li><a href="/wiki/2017_Petya_cyberattack" class="mw-redirect" title="2017 Petya cyberattack">2017 Petya cyberattack</a></li></ul></div> <div class="mw-heading mw-heading2"><h2 id="References">References</h2>[<a href="/w/index.php?title=WannaCry_ransomware_attack&action=edit&section=10" title="Edit section: References">edit</a>]</div> <style data-mw-deduplicate="TemplateStyles:r1239543626">.mw-parser-output .reflist{margin-bottom:0.5em;list-style-type:decimal}@media screen{.mw-parser-output .reflist{font-size:90%}}.mw-parser-output .reflist .references{font-size:100%;margin-bottom:0;list-style-type:inherit}.mw-parser-output .reflist-columns-2{column-width:30em}.mw-parser-output .reflist-columns-3{column-width:25em}.mw-parser-output .reflist-columns{margin-top:0.3em}.mw-parser-output .reflist-columns ol{margin-top:0}.mw-parser-output .reflist-columns li{page-break-inside:avoid;break-inside:avoid-column}.mw-parser-output .reflist-upper-alpha{list-style-type:upper-alpha}.mw-parser-output .reflist-upper-roman{list-style-type:upper-roman}.mw-parser-output .reflist-lower-alpha{list-style-type:lower-alpha}.mw-parser-output .reflist-lower-greek{list-style-type:lower-greek}.mw-parser-output .reflist-lower-roman{list-style-type:lower-roman}</style><div class="reflist"> <div class="mw-references-wrap mw-references-columns"><ol class="references"> <li id="cite_note-1"><a href="#cite_ref-1">^</a> <style data-mw-deduplicate="TemplateStyles:r1238218222">.mw-parser-output cite.citation{font-style:inherit;word-wrap:break-word}.mw-parser-output .citation q{quotes:"\"""\"""'""'"}.mw-parser-output .citation:target{background-color:rgba(0,127,255,0.133)}.mw-parser-output .id-lock-free.id-lock-free a{background:url("//upload.wikimedia.org/wikipedia/commons/6/65/Lock-green.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-limited.id-lock-limited a,.mw-parser-output .id-lock-registration.id-lock-registration a{background:url("//upload.wikimedia.org/wikipedia/commons/d/d6/Lock-gray-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-subscription.id-lock-subscription a{background:url("//upload.wikimedia.org/wikipedia/commons/a/aa/Lock-red-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .cs1-ws-icon a{background:url("//upload.wikimedia.org/wikipedia/commons/4/4c/Wikisource-logo.svg")right 0.1em center/12px no-repeat}body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-free a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-limited a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-registration a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .id-lock-subscription a,body:not(.skin-timeless):not(.skin-minerva) .mw-parser-output .cs1-ws-icon a{background-size:contain;padding:0 1em 0 0}.mw-parser-output .cs1-code{color:inherit;background:inherit;border:none;padding:inherit}.mw-parser-output .cs1-hidden-error{display:none;color:var(--color-error,#d33)}.mw-parser-output .cs1-visible-error{color:var(--color-error,#d33)}.mw-parser-output .cs1-maint{display:none;color:#085;margin-left:0.3em}.mw-parser-output .cs1-kern-left{padding-left:0.2em}.mw-parser-output .cs1-kern-right{padding-right:0.2em}.mw-parser-output .citation .mw-selflink{font-weight:inherit}@media screen{.mw-parser-output .cs1-format{font-size:95%}html.skin-theme-clientpref-night .mw-parser-output .cs1-maint{color:#18911f}}@media screen and (prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .cs1-maint{color:#18911f}}</style><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://www.abc.net.au/news/2017-05-15/ransomware-attack-to-hit-victims-in-australia-government-says/8526346">"Ransomware attack still looms in Australia as Government warns WannaCry threat not over"</a>. Australian Broadcasting Corporation. 14 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170515035633/http://www.abc.net.au/news/2017-05-15/ransomware-attack-to-hit-victims-in-australia-government-says/8526346">Archived</a> from the original on 15 May 2017. Retrieved 15 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Ransomware+attack+still+looms+in+Australia+as+Government+warns+WannaCry+threat+not+over&rft.pub=Australian+Broadcasting+Corporation&rft.date=2017-05-14&rft_id=http%3A%2F%2Fwww.abc.net.au%2Fnews%2F2017-05-15%2Fransomware-attack-to-hit-victims-in-australia-government-says%2F8526346&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-2"><a href="#cite_ref-2">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFCameron2017" class="citation web cs1">Cameron, Dell (13 May 2017). <a rel="nofollow" class="external text" href="https://www.gizmodo.com.au/2017/05/todays-massive-ransomware-attack-was-mostly-preventable-heres-how-to-avoid-it/">"Today's Massive Ransomware Attack Was Mostly Preventable; Here's How To Avoid It"</a>. <a href="/wiki/Gizmodo" title="Gizmodo">Gizmodo</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190409094716/https://www.gizmodo.com.au/2017/05/todays-massive-ransomware-attack-was-mostly-preventable-heres-how-to-avoid-it/">Archived</a> from the original on 9 April 2019. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Gizmodo&rft.atitle=Today%27s+Massive+Ransomware+Attack+Was+Mostly+Preventable%3B+Here%27s+How+To+Avoid+It&rft.date=2017-05-13&rft.aulast=Cameron&rft.aufirst=Dell&rft_id=https%3A%2F%2Fwww.gizmodo.com.au%2F2017%2F05%2Ftodays-massive-ransomware-attack-was-mostly-preventable-heres-how-to-avoid-it%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-threaten_release-3"><a href="#cite_ref-threaten_release_3-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://tribune.com.pk/story/1423609/shadow-brokers-threaten-release-windows-10-hacking-tools/">"Shadow Brokers threaten to release Windows 10 hacking tools"</a>. The Express Tribune. 31 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170710004211/https://tribune.com.pk/story/1423609/shadow-brokers-threaten-release-windows-10-hacking-tools/">Archived</a> from the original on 10 July 2017. Retrieved 31 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Express+Tribune&rft.atitle=Shadow+Brokers+threaten+to+release+Windows+10+hacking+tools&rft.date=2017-05-31&rft_id=https%3A%2F%2Ftribune.com.pk%2Fstory%2F1423609%2Fshadow-brokers-threaten-release-windows-10-hacking-tools%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-4"><a href="#cite_ref-4">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://techcrunch.com/2019/05/12/wannacry-two-years-on/">"Two years after WannaCry, a million computers remain at risk"</a>. TechCrunch. 12 May 2019. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210604030643/https://techcrunch.com/2019/05/12/wannacry-two-years-on/">Archived</a> from the original on 4 June 2021. Retrieved 16 January 2021.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=TechCrunch&rft.atitle=Two+years+after+WannaCry%2C+a+million+computers+remain+at+risk&rft.date=2019-05-12&rft_id=https%3A%2F%2Ftechcrunch.com%2F2019%2F05%2F12%2Fwannacry-two-years-on%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-5"><a href="#cite_ref-5">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://whoapi.com/blog/what-is-the-domain-name-that-stopped-wannacry/">"What is the domain name that stopped WannaCry?"</a>. 15 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20230121064143/https://whoapi.com/blog/what-is-the-domain-name-that-stopped-wannacry/">Archived</a> from the original on 21 January 2023. Retrieved 13 July 2021.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=What+is+the+domain+name+that+stopped+WannaCry%3F&rft.date=2017-05-15&rft_id=https%3A%2F%2Fwhoapi.com%2Fblog%2Fwhat-is-the-domain-name-that-stopped-wannacry%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-:4-6">^ <a href="#cite_ref-:4_6-0">a</a> <a href="#cite_ref-:4_6-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFChappellNeuman2017" class="citation news cs1">Chappell, Bill; Neuman, Scott (19 December 2017). <a rel="nofollow" class="external text" href="https://www.npr.org/sections/thetwo-way/2017/12/19/571854614/u-s-says-north-korea-directly-responsible-for-wannacry-ransomware-attack">"U.S. Says North Korea 'Directly Responsible' For WannaCry Ransomware Attack"</a>. NPR. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20221202014943/https://www.npr.org/sections/thetwo-way/2017/12/19/571854614/u-s-says-north-korea-directly-responsible-for-wannacry-ransomware-attack">Archived</a> from the original on 2 December 2022. Retrieved 2 December 2022.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=NPR&rft.atitle=U.S.+Says+North+Korea+%27Directly+Responsible%27+For+WannaCry+Ransomware+Attack&rft.date=2017-12-19&rft.aulast=Chappell&rft.aufirst=Bill&rft.au=Neuman%2C+Scott&rft_id=https%3A%2F%2Fwww.npr.org%2Fsections%2Fthetwo-way%2F2017%2F12%2F19%2F571854614%2Fu-s-says-north-korea-directly-responsible-for-wannacry-ransomware-attack&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-7"><a href="#cite_ref-7">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.bbc.com/news/world-us-canada-42407488">"Cyber-attack: US and UK blame North Korea for WannaCry"</a>. BBC News. 19 December 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210208122634/https://www.bbc.com/news/world-us-canada-42407488">Archived</a> from the original on 8 February 2021. Retrieved 18 February 2021.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=BBC+News&rft.atitle=Cyber-attack%3A+US+and+UK+blame+North+Korea+for+WannaCry&rft.date=2017-12-19&rft_id=https%3A%2F%2Fwww.bbc.com%2Fnews%2Fworld-us-canada-42407488&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-8"><a href="#cite_ref-8">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://thehackernews.com/2018/08/tsmc-wannacry-ransomware-attack.html">"TSMC Chip Maker Blames WannaCry Malware for Production Halt"</a>. The Hacker News. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180809021207/https://thehackernews.com/2018/08/tsmc-wannacry-ransomware-attack.html">Archived</a> from the original on 9 August 2018. Retrieved 7 August 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Hacker+News&rft.atitle=TSMC+Chip+Maker+Blames+WannaCry+Malware+for+Production+Halt&rft_id=https%3A%2F%2Fthehackernews.com%2F2018%2F08%2Ftsmc-wannacry-ransomware-attack.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-microsoftreleases-9">^ <a href="#cite_ref-microsoftreleases_9-0">a</a> <a href="#cite_ref-microsoftreleases_9-1">b</a> <a href="#cite_ref-microsoftreleases_9-2">c</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMSRC_Team2017" class="citation web cs1">MSRC Team (13 May 2017). <a rel="nofollow" class="external text" href="https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/">"Customer Guidance for WannaCrypt attacks"</a>. <a href="/wiki/Microsoft" title="Microsoft">Microsoft</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170521054556/https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/">Archived</a> from the original on 21 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Customer+Guidance+for+WannaCrypt+attacks&rft.pub=Microsoft&rft.date=2017-05-13&rft.au=MSRC+Team&rft_id=https%3A%2F%2Fblogs.technet.microsoft.com%2Fmsrc%2F2017%2F05%2F12%2Fcustomer-guidance-for-wannacrypt-attacks%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-10"><a href="#cite_ref-10">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFJakub_Kroustek2017" class="citation web cs1">Jakub Kroustek (12 May 2017). <a rel="nofollow" class="external text" href="https://blog.avast.com/ransomware-that-infected-telefonica-and-nhs-hospitals-is-spreading-aggressively-with-over-50000-attacks-so-far-today">"Avast reports on WanaCrypt0r 2.0 ransomware that infected NHS and Telefonica"</a>. Avast Security News. Avast Software, Inc. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190505012053/https://blog.avast.com/ransomware-that-infected-telefonica-and-nhs-hospitals-is-spreading-aggressively-with-over-50000-attacks-so-far-today">Archived</a> from the original on 5 May 2019. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Avast+Security+News&rft.atitle=Avast+reports+on+WanaCrypt0r+2.0+ransomware+that+infected+NHS+and+Telefonica.&rft.date=2017-05-12&rft.au=Jakub+Kroustek&rft_id=https%3A%2F%2Fblog.avast.com%2Fransomware-that-infected-telefonica-and-nhs-hospitals-is-spreading-aggressively-with-over-50000-attacks-so-far-today&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-:0-11"><a href="#cite_ref-:0_11-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFFox-Brewster" class="citation news cs1">Fox-Brewster, Thomas. <a rel="nofollow" class="external text" href="https://www.forbes.com/sites/thomasbrewster/2017/05/12/nsa-exploit-used-by-wannacry-ransomware-in-global-explosion/">"An NSA Cyber Weapon Might Be Behind A Massive Global Ransomware Outbreak"</a>. <a href="/wiki/Forbes" title="Forbes">Forbes</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180628155440/https://www.forbes.com/sites/thomasbrewster/2017/05/12/nsa-exploit-used-by-wannacry-ransomware-in-global-explosion/">Archived</a> from the original on 28 June 2018. Retrieved 12 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Forbes&rft.atitle=An+NSA+Cyber+Weapon+Might+Be+Behind+A+Massive+Global+Ransomware+Outbreak&rft.aulast=Fox-Brewster&rft.aufirst=Thomas&rft_id=https%3A%2F%2Fwww.forbes.com%2Fsites%2Fthomasbrewster%2F2017%2F05%2F12%2Fnsa-exploit-used-by-wannacry-ransomware-in-global-explosion%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-auto-12"><a href="#cite_ref-auto_12-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFWoollaston" class="citation news cs1">Woollaston, Victoria. <a rel="nofollow" class="external text" href="https://www.wired.co.uk/article/wanna-decryptor-ransomware">"Wanna Decryptor: what is the 'atom bomb of ransomware' behind the NHS attack?"</a>. WIRED UK. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180317131855/https://www.wired.co.uk/article/wanna-decryptor-ransomware">Archived</a> from the original on 17 March 2018. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=WIRED+UK&rft.atitle=Wanna+Decryptor%3A+what+is+the+%27atom+bomb+of+ransomware%27+behind+the+NHS+attack%3F&rft.aulast=Woollaston&rft.aufirst=Victoria&rft_id=https%3A%2F%2Fwww.wired.co.uk%2Farticle%2Fwanna-decryptor-ransomware&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-talos-13">^ <a href="#cite_ref-talos_13-0">a</a> <a href="#cite_ref-talos_13-1">b</a> <a href="#cite_ref-talos_13-2">c</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://blog.talosintelligence.com/2017/05/wannacry.html">"Player 3 Has Entered the Game: Say Hello to 'WannaCry'"</a>. blog.talosintelligence.com. 12 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210604030643/https://blog.talosintelligence.com/2017/05/wannacry.html">Archived</a> from the original on 4 June 2021. Retrieved 16 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=blog.talosintelligence.com&rft.atitle=Player+3+Has+Entered+the+Game%3A+Say+Hello+to+%27WannaCry%27&rft.date=2017-05-12&rft_id=http%3A%2F%2Fblog.talosintelligence.com%2F2017%2F05%2Fwannacry.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-doj-14">^ <a href="#cite_ref-doj_14-0">a</a> <a href="#cite_ref-doj_14-1">b</a> <a href="#cite_ref-doj_14-2">c</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFShields2018" class="citation news cs1">Shields, Nathan P. (8 June 2018). <a rel="nofollow" class="external text" href="https://www.justice.gov/opa/press-release/file/1092091/download">"Criminal Complaint"</a>. <a href="/wiki/United_States_Department_of_Justice" title="United States Department of Justice">United States Department of Justice</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180906233723/https://www.justice.gov/opa/press-release/file/1092091/download">Archived</a> from the original on 6 September 2018. Retrieved 6 September 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Criminal+Complaint&rft.date=2018-06-08&rft.aulast=Shields&rft.aufirst=Nathan+P.&rft_id=https%3A%2F%2Fwww.justice.gov%2Fopa%2Fpress-release%2Ffile%2F1092091%2Fdownload&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-independent-15"><a href="#cite_ref-independent_15-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.independent.co.uk/news/uk/home-news/nhs-cyber-attack-edward-snowden-accuses-nsa-not-preventing-ransomware-a7733941.html">"NHS cyber attack: Edward Snowden says NSA should have prevented cyber attack"</a>. <a href="/wiki/The_Independent" title="The Independent">The Independent</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516185543/http://www.independent.co.uk/news/uk/home-news/nhs-cyber-attack-edward-snowden-accuses-nsa-not-preventing-ransomware-a7733941.html">Archived</a> from the original on 16 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Independent&rft.atitle=NHS+cyber+attack%3A+Edward+Snowden+says+NSA+should+have+prevented+cyber+attack&rft_id=https%3A%2F%2Fwww.independent.co.uk%2Fnews%2Fuk%2Fhome-news%2Fnhs-cyber-attack-edward-snowden-accuses-nsa-not-preventing-ransomware-a7733941.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-telegraph-16"><a href="#cite_ref-telegraph_16-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGraham2017" class="citation news cs1">Graham, Chris (13 May 2017). <a rel="nofollow" class="external text" href="https://www.telegraph.co.uk/news/2017/05/13/nhs-cyber-attack-everything-need-know-biggest-ransomware-offensive/">"NHS cyber attack: Everything you need to know about 'biggest ransomware' offensive in history"</a>. <a href="/wiki/The_Daily_Telegraph" title="The Daily Telegraph">The Daily Telegraph</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170513071602/http://www.telegraph.co.uk/news/2017/05/13/nhs-cyber-attack-everything-need-know-biggest-ransomware-offensive/">Archived</a> from the original on 13 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Daily+Telegraph&rft.atitle=NHS+cyber+attack%3A+Everything+you+need+to+know+about+%27biggest+ransomware%27+offensive+in+history&rft.date=2017-05-13&rft.aulast=Graham&rft.aufirst=Chris&rft_id=https%3A%2F%2Fwww.telegraph.co.uk%2Fnews%2F2017%2F05%2F13%2Fnhs-cyber-attack-everything-need-know-biggest-ransomware-offensive%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-Ars_Technica-17"><a href="#cite_ref-Ars_Technica_17-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://arstechnica.com/security/2017/04/nsa-leaking-shadow-brokers-just-dumped-its-most-damaging-release-yet/">"NSA-leaking Shadow Brokers just dumped its most damaging release yet"</a>. Ars Technica. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170513050743/https://arstechnica.com/security/2017/04/nsa-leaking-shadow-brokers-just-dumped-its-most-damaging-release-yet/">Archived</a> from the original on 13 May 2017. Retrieved 15 April 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Ars+Technica&rft.atitle=NSA-leaking+Shadow+Brokers+just+dumped+its+most+damaging+release+yet&rft_id=https%3A%2F%2Farstechnica.com%2Fsecurity%2F2017%2F04%2Fnsa-leaking-shadow-brokers-just-dumped-its-most-damaging-release-yet%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-18"><a href="#cite_ref-18">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGoodin" class="citation news cs1">Goodin, Dan. <a rel="nofollow" class="external text" href="https://arstechnica.com/uwusecurity/2017/04/10000-windows-computers-may-be-infected-by-advanced-nsa-backdoor/">"10,000 Windows computers may be infected by advanced NSA backdoor"</a>. Ars Technica. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210604030644/https://arstechnica.com/information-technology/2017/04/10000-windows-computers-may-be-infected-by-advanced-nsa-backdoor/">Archived</a> from the original on 4 June 2021. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Ars+Technica&rft.atitle=10%2C000+Windows+computers+may+be+infected+by+advanced+NSA+backdoor&rft.aulast=Goodin&rft.aufirst=Dan&rft_id=https%3A%2F%2Farstechnica.com%2Fuwusecurity%2F2017%2F04%2F10000-windows-computers-may-be-infected-by-advanced-nsa-backdoor%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-19"><a href="#cite_ref-19">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGoodin" class="citation news cs1">Goodin, Dan. <a rel="nofollow" class="external text" href="https://arstechnica.com/security/2017/04/nsa-backdoor-detected-on-55000-windows-boxes-can-now-be-remotely-removed/">"NSA backdoor detected on >55,000 Windows boxes can now be remotely removed"</a>. <a href="/wiki/Ars_Technica" title="Ars Technica">Ars Technica</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170710051118/https://arstechnica.com/security/2017/04/nsa-backdoor-detected-on-55000-windows-boxes-can-now-be-remotely-removed/">Archived</a> from the original on 10 July 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Ars+Technica&rft.atitle=NSA+backdoor+detected+on+%3E55%2C000+Windows+boxes+can+now+be+remotely+removed&rft.aulast=Goodin&rft.aufirst=Dan&rft_id=https%3A%2F%2Farstechnica.com%2Fsecurity%2F2017%2F04%2Fnsa-backdoor-detected-on-55000-windows-boxes-can-now-be-remotely-removed%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-20"><a href="#cite_ref-20">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFBroersma" class="citation news cs1">Broersma, Matthew. <a rel="nofollow" class="external text" href="http://www.silicon.co.uk/security/nsa-malware-security-210253">"NSA Malware 'Infects Nearly 200,000 Systems'"</a>. Silicon. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170506144144/http://www.silicon.co.uk/security/nsa-malware-security-210253">Archived</a> from the original on 6 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Silicon&rft.atitle=NSA+Malware+%27Infects+Nearly+200%2C000+Systems%27&rft.aulast=Broersma&rft.aufirst=Matthew&rft_id=http%3A%2F%2Fwww.silicon.co.uk%2Fsecurity%2Fnsa-malware-security-210253&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-21"><a href="#cite_ref-21">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFCameron2017" class="citation news cs1">Cameron, Dell (13 May 2017). <a rel="nofollow" class="external text" href="https://www.gizmodo.com.au/2017/05/todays-massive-ransomware-attack-was-mostly-preventable-heres-how-to-avoid-it/">"Today's Massive Ransomware Attack Was Mostly Preventable; Here's How To Avoid It"</a>. Gizmodo Australia. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190409094716/https://www.gizmodo.com.au/2017/05/todays-massive-ransomware-attack-was-mostly-preventable-heres-how-to-avoid-it/">Archived</a> from the original on 9 April 2019. Retrieved 15 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Gizmodo+Australia&rft.atitle=Today%27s+Massive+Ransomware+Attack+Was+Mostly+Preventable%3B+Here%27s+How+To+Avoid+It&rft.date=2017-05-13&rft.aulast=Cameron&rft.aufirst=Dell&rft_id=https%3A%2F%2Fwww.gizmodo.com.au%2F2017%2F05%2Ftodays-massive-ransomware-attack-was-mostly-preventable-heres-how-to-avoid-it%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-22"><a href="#cite_ref-22">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.forbes.com/sites/thomasbrewster/2017/05/13/wannacry-ransomware-outbreak-stopped-by-researcher/">"How One Simple Trick Just Put Out That Huge Ransomware Fire"</a>. Forbes. 24 April 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210604030644/https://www.forbes.com/sites/thomasbrewster/2017/05/13/wannacry-ransomware-outbreak-stopped-by-researcher/">Archived</a> from the original on 4 June 2021. Retrieved 15 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Forbes&rft.atitle=How+One+Simple+Trick+Just+Put+Out+That+Huge+Ransomware+Fire&rft.date=2017-04-24&rft_id=https%3A%2F%2Fwww.forbes.com%2Fsites%2Fthomasbrewster%2F2017%2F05%2F13%2Fwannacry-ransomware-outbreak-stopped-by-researcher%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-23"><a href="#cite_ref-23">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://risksense.com/wp-content/uploads/2019/09/RiskSense-Spotlight-Report-Ransomware.pdf">"Enterprise Ransomware"</a> (PDF). August 2019. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210920151225/https://risksense.com/wp-content/uploads/2019/09/RiskSense-Spotlight-Report-Ransomware.pdf">Archived</a> (PDF) from the original on 20 September 2021. Retrieved 27 February 2022.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Enterprise+Ransomware&rft.date=2019-08&rft_id=https%3A%2F%2Frisksense.com%2Fwp-content%2Fuploads%2F2019%2F09%2FRiskSense-Spotlight-Report-Ransomware.pdf&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-:1-24"><a href="#cite_ref-:1_24-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.telegraph.co.uk/news/2017/05/12/russian-linked-cyber-gang-shadow-brokers-blamed-nhs-computer/">"Russian-linked cyber gang blamed for NHS computer hack using bug stolen from US spy agency"</a>. The Telegraph. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170512221143/http://www.telegraph.co.uk/news/2017/05/12/russian-linked-cyber-gang-shadow-brokers-blamed-nhs-computer/">Archived</a> from the original on 12 May 2017. Retrieved 12 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Telegraph&rft.atitle=Russian-linked+cyber+gang+blamed+for+NHS+computer+hack+using+bug+stolen+from+US+spy+agency&rft_id=https%3A%2F%2Fwww.telegraph.co.uk%2Fnews%2F2017%2F05%2F12%2Frussian-linked-cyber-gang-shadow-brokers-blamed-nhs-computer%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-syma-25">^ <a href="#cite_ref-syma_25-0">a</a> <a href="#cite_ref-syma_25-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20210604030646/https://community.broadcom.com/home">"What you need to know about the WannaCry Ransomware"</a>. Symantec Security Response. Archived from <a rel="nofollow" class="external text" href="https://www.symantec.com/connect/blogs/what-you-need-know-about-wannacry-ransomware">the original</a> on 4 June 2021. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=What+you+need+to+know+about+the+WannaCry+Ransomware&rft.pub=Symantec+Security+Response&rft_id=https%3A%2F%2Fwww.symantec.com%2Fconnect%2Fblogs%2Fwhat-you-need-know-about-wannacry-ransomware&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-26"><a href="#cite_ref-26">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFBilefskyPerlroth2017" class="citation news cs1">Bilefsky, Dan; Perlroth, Nicole (12 May 2017). <a rel="nofollow" class="external text" href="https://www.nytimes.com/2017/05/12/world/europe/uk-national-health-service-cyberattack.html">"Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool"</a>. The New York Times. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/0362-4331">0362-4331</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170512175109/https://www.nytimes.com/2017/05/12/world/europe/uk-national-health-service-cyberattack.html">Archived</a> from the original on 12 May 2017. Retrieved 12 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+New+York+Times&rft.atitle=Hackers+Hit+Dozens+of+Countries+Exploiting+Stolen+N.S.A.+Tool&rft.date=2017-05-12&rft.issn=0362-4331&rft.aulast=Bilefsky&rft.aufirst=Dan&rft.au=Perlroth%2C+Nicole&rft_id=https%3A%2F%2Fwww.nytimes.com%2F2017%2F05%2F12%2Fworld%2Feurope%2Fuk-national-health-service-cyberattack.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-mbytes-27">^ <a href="#cite_ref-mbytes_27-0">a</a> <a href="#cite_ref-mbytes_27-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFClark2017" class="citation web cs1">Clark, Zammis (13 May 2017). <a rel="nofollow" class="external text" href="https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/">"The worm that spreads WanaCrypt0r"</a>. Malwarebytes Labs. malwarebytes.com. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170517071331/https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/">Archived</a> from the original on 17 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Malwarebytes+Labs&rft.atitle=The+worm+that+spreads+WanaCrypt0r&rft.date=2017-05-13&rft.aulast=Clark&rft.aufirst=Zammis&rft_id=https%3A%2F%2Fblog.malwarebytes.com%2Fthreat-analysis%2F2017%2F05%2Fthe-worm-that-spreads-wanacrypt0r%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-mcafee-28">^ <a href="#cite_ref-mcafee_28-0">a</a> <a href="#cite_ref-mcafee_28-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFSamani2017" class="citation web cs1">Samani, Raj (12 May 2017). <a rel="nofollow" class="external text" href="https://securingtomorrow.mcafee.com/executive-perspectives/analysis-wannacry-ransomware-outbreak/">"An Analysis of the WANNACRY Ransomware outbreak"</a>. McAfee. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170513130032/https://securingtomorrow.mcafee.com/executive-perspectives/analysis-wannacry-ransomware-outbreak/">Archived</a> from the original on 13 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=An+Analysis+of+the+WANNACRY+Ransomware+outbreak&rft.pub=McAfee&rft.date=2017-05-12&rft.aulast=Samani&rft.aufirst=Raj&rft_id=https%3A%2F%2Fsecuringtomorrow.mcafee.com%2Fexecutive-perspectives%2Fanalysis-wannacry-ransomware-outbreak%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-29"><a href="#cite_ref-29">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFThomasGroveGross2017" class="citation news cs1">Thomas, Andrea; Grove, Thomas; and Gross, Jenny (13 May 2017). <a rel="nofollow" class="external text" href="https://www.wsj.com/articles/more-cyberattack-victims-emerge-as-agencies-search-for-clues-1494671938">"More Cyberattack Victims Emerge as Agencies Search for Clues"</a>. <a href="/wiki/The_Wall_Street_Journal" title="The Wall Street Journal">The Wall Street Journal</a>. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/0099-9660">0099-9660</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170513215503/https://www.wsj.com/articles/more-cyberattack-victims-emerge-as-agencies-search-for-clues-1494671938">Archived</a> from the original on 13 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Wall+Street+Journal&rft.atitle=More+Cyberattack+Victims+Emerge+as+Agencies+Search+for+Clues&rft.date=2017-05-13&rft.issn=0099-9660&rft.aulast=Thomas&rft.aufirst=Andrea&rft.au=Grove%2C+Thomas&rft.au=Gross%2C+Jenny&rft_id=https%3A%2F%2Fwww.wsj.com%2Farticles%2Fmore-cyberattack-victims-emerge-as-agencies-search-for-clues-1494671938&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-30"><a href="#cite_ref-30">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFCollins2017" class="citation web cs1">Collins, Keith (12 May 2017). <a rel="nofollow" class="external text" href="https://qz.com/982993/watch-as-these-bitcoin-wallets-receive-ransomware-payments-from-the-ongoing-cyberattack/">"Watch as these bitcoin wallets receive ransomware payments from the global cyberattack"</a>. Quartz. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210604030716/https://qz.com/982993/watch-as-these-bitcoin-wallets-receive-ransomware-payments-from-the-ongoing-cyberattack/">Archived</a> from the original on 4 June 2021. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Quartz&rft.atitle=Watch+as+these+bitcoin+wallets+receive+ransomware+payments+from+the+global+cyberattack&rft.date=2017-05-12&rft.aulast=Collins&rft.aufirst=Keith&rft_id=https%3A%2F%2Fqz.com%2F982993%2Fwatch-as-these-bitcoin-wallets-receive-ransomware-payments-from-the-ongoing-cyberattack%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-31"><a href="#cite_ref-31">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://zerosum0x0.blogspot.com/2017/04/ms17-010-smb-rce-metasploit-scanner.html">"MS17-010 (SMB RCE) Metasploit Scanner Detection Module"</a>. @zerosum0x0. 18 April 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170925011549/https://zerosum0x0.blogspot.com/2017/04/ms17-010-smb-rce-metasploit-scanner.html">Archived</a> from the original on 25 September 2017. Retrieved 18 April 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=%40zerosum0x0&rft.atitle=MS17-010+%28SMB+RCE%29+Metasploit+Scanner+Detection+Module&rft.date=2017-04-18&rft_id=https%3A%2F%2Fzerosum0x0.blogspot.com%2F2017%2F04%2Fms17-010-smb-rce-metasploit-scanner.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-32"><a href="#cite_ref-32">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://zerosum0x0.blogspot.com/2017/04/doublepulsar-initial-smb-backdoor-ring.html">"DoublePulsar Initial SMB Backdoor Ring 0 Shellcode Analysis"</a>. @zerosum0x0. 21 April 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170812215057/https://zerosum0x0.blogspot.com/2017/04/doublepulsar-initial-smb-backdoor-ring.html">Archived</a> from the original on 12 August 2017. Retrieved 21 April 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=%40zerosum0x0&rft.atitle=DoublePulsar+Initial+SMB+Backdoor+Ring+0+Shellcode+Analysis&rft.date=2017-04-21&rft_id=https%3A%2F%2Fzerosum0x0.blogspot.com%2F2017%2F04%2Fdoublepulsar-initial-smb-backdoor-ring.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-33"><a href="#cite_ref-33">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/">"WannaCrypt ransomware worm targets out-of-date systems"</a>. TechNet. Microsoft. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210211014140/https://www.microsoft.com/security/blog/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/?source=mmpc">Archived</a> from the original on 11 February 2021. Retrieved 20 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=TechNet&rft.atitle=WannaCrypt+ransomware+worm+targets+out-of-date+systems&rft.date=2017-05-13&rft_id=https%3A%2F%2Fblogs.technet.microsoft.com%2Fmmpc%2F2017%2F05%2F12%2Fwannacrypt-ransomware-worm-targets-out-of-date-systems%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-naked-34">^ <a href="#cite_ref-naked_34-0">a</a> <a href="#cite_ref-naked_34-1">b</a> <a href="#cite_ref-naked_34-2">c</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFBrenner2017" class="citation web cs1">Brenner, Bill (16 May 2017). <a rel="nofollow" class="external text" href="https://nakedsecurity.sophos.com/2017/05/17/wannacry-the-ransomware-worm-that-didnt-arrive-on-a-phishing-hook/">"WannaCry: the ransomware worm that didn't arrive on a phishing hook"</a>. Naked Security. Sophos. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170711015125/https://nakedsecurity.sophos.com/2017/05/17/wannacry-the-ransomware-worm-that-didnt-arrive-on-a-phishing-hook/">Archived</a> from the original on 11 July 2017. Retrieved 18 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Naked+Security&rft.atitle=WannaCry%3A+the+ransomware+worm+that+didn%27t+arrive+on+a+phishing+hook&rft.date=2017-05-16&rft.aulast=Brenner&rft.aufirst=Bill&rft_id=https%3A%2F%2Fnakedsecurity.sophos.com%2F2017%2F05%2F17%2Fwannacry-the-ransomware-worm-that-didnt-arrive-on-a-phishing-hook%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-35"><a href="#cite_ref-35">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFNewman2017" class="citation magazine cs1">Newman, Lily Hay (12 May 2017). <a rel="nofollow" class="external text" href="https://www.wired.com/2017/05/ransomware-meltdown-experts-warned/">"The Ransomware Meltdown Experts Warned About Is Here"</a>. <a href="/wiki/Wired_(magazine)" title="Wired (magazine)">Wired</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170519114008/https://www.wired.com/2017/05/ransomware-meltdown-experts-warned/">Archived</a> from the original on 19 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Wired&rft.atitle=The+Ransomware+Meltdown+Experts+Warned+About+Is+Here&rft.date=2017-05-12&rft.aulast=Newman&rft.aufirst=Lily+Hay&rft_id=https%3A%2F%2Fwww.wired.com%2F2017%2F05%2Fransomware-meltdown-experts-warned%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-36"><a href="#cite_ref-36">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFYuzifovich" class="citation web cs1">Yuzifovich, Yuriy. <a rel="nofollow" class="external text" href="https://www.nominum.com/tech-blog/wannacry-views-dns-frontline/">"WannaCry: views from the DNS frontline"</a>. Security and Data Science. nominum. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170521114636/http://nominum.com/tech-blog/wannacry-views-dns-frontline/">Archived</a> from the original on 21 May 2017. Retrieved 18 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Security+and+Data+Science&rft.atitle=WannaCry%3A+views+from+the+DNS+frontline&rft.aulast=Yuzifovich&rft.aufirst=Yuriy&rft_id=https%3A%2F%2Fwww.nominum.com%2Ftech-blog%2Fwannacry-views-dns-frontline%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-37"><a href="#cite_ref-37">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGoodin" class="citation news cs1">Goodin, Dan. <a rel="nofollow" class="external text" href="https://arstechnica.com/security/2017/05/an-nsa-derived-ransomware-worm-is-shutting-down-computers-worldwide/">"An NSA-derived ransomware worm is shutting down computers worldwide"</a>. Ars Technica. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170512235114/https://arstechnica.com/security/2017/05/an-nsa-derived-ransomware-worm-is-shutting-down-computers-worldwide/">Archived</a> from the original on 12 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Ars+Technica&rft.atitle=An+NSA-derived+ransomware+worm+is+shutting+down+computers+worldwide&rft.aulast=Goodin&rft.aufirst=Dan&rft_id=https%3A%2F%2Farstechnica.com%2Fsecurity%2F2017%2F05%2Fan-nsa-derived-ransomware-worm-is-shutting-down-computers-worldwide%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-:3-38">^ <a href="#cite_ref-:3_38-0">a</a> <a href="#cite_ref-:3_38-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.bbc.com/news/world-europe-39907965">"Cyber-attack: Europol says it was unprecedented in scale"</a>. BBC News. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170514152532/http://www.bbc.com/news/world-europe-39907965">Archived</a> from the original on 14 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=BBC+News&rft.atitle=Cyber-attack%3A+Europol+says+it+was+unprecedented+in+scale&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.bbc.com%2Fnews%2Fworld-europe-39907965&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-cnbc1-39"><a href="#cite_ref-cnbc1_39-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.cnbc.com/2017/05/14/cyber-attack-hits-200000-in-at-least-150-countries-europol.html">"'Unprecedented' cyberattack hits 200,000 in at least 150 countries, and the threat is escalating"</a>. CNBC. 14 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170515024912/http://www.cnbc.com/2017/05/14/cyber-attack-hits-200000-in-at-least-150-countries-europol.html">Archived</a> from the original on 15 May 2017. Retrieved 16 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=%27Unprecedented%27+cyberattack+hits+200%2C000+in+at+least+150+countries%2C+and+the+threat+is+escalating&rft.pub=CNBC&rft.date=2017-05-14&rft_id=https%3A%2F%2Fwww.cnbc.com%2F2017%2F05%2F14%2Fcyber-attack-hits-200000-in-at-least-150-countries-europol.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-exploit-40"><a href="#cite_ref-exploit_40-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="http://www.eweek.com/security/wannacry-ransomware-attack-hits-victims-with-microsoft-smb-exploit">"WannaCry Ransomware Attack Hits Victims With Microsoft SMB Exploit"</a>. <a href="/wiki/EWeek" title="EWeek">eWeek</a>. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=eWeek&rft.atitle=WannaCry+Ransomware+Attack+Hits+Victims+With+Microsoft+SMB+Exploit&rft_id=http%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fwannacry-ransomware-attack-hits-victims-with-microsoft-smb-exploit&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-vicexp-41">^ <a href="#cite_ref-vicexp_41-0">a</a> <a href="#cite_ref-vicexp_41-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://motherboard.vice.com/en_us/article/nhs-hospitals-are-running-thousands-of-computers-on-unsupported-windows-xp">"NHS Hospitals Are Running Thousands of Computers on Unsupported Windows XP"</a>. Motherboard. 29 September 2016. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170518053902/https://motherboard.vice.com/en_us/article/nhs-hospitals-are-running-thousands-of-computers-on-unsupported-windows-xp">Archived</a> from the original on 18 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Motherboard&rft.atitle=NHS+Hospitals+Are+Running+Thousands+of+Computers+on+Unsupported+Windows+XP&rft.date=2016-09-29&rft_id=https%3A%2F%2Fmotherboard.vice.com%2Fen_us%2Farticle%2Fnhs-hospitals-are-running-thousands-of-computers-on-unsupported-windows-xp&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-unsupported-42">^ <a href="#cite_ref-unsupported_42-0">a</a> <a href="#cite_ref-unsupported_42-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.theverge.com/2017/5/13/15635006/microsoft-windows-xp-security-patch-wannacry-ransomware-attack">"Microsoft issues 'highly unusual' Windows XP patch to prevent massive ransomware attack"</a>. The Verge. Vox Media. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170514023327/https://www.theverge.com/2017/5/13/15635006/microsoft-windows-xp-security-patch-wannacry-ransomware-attack">Archived</a> from the original on 14 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Verge&rft.atitle=Microsoft+issues+%27highly+unusual%27+Windows+XP+patch+to+prevent+massive+ransomware+attack&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.theverge.com%2F2017%2F5%2F13%2F15635006%2Fmicrosoft-windows-xp-security-patch-wannacry-ransomware-attack&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-:2-43"><a href="#cite_ref-:2_43-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFBrandom2017" class="citation web cs1">Brandom, Russell (19 May 2017). <a rel="nofollow" class="external text" href="https://www.theverge.com/2017/5/19/15665488/wannacry-windows-7-version-xp-patched-victim-statistics">"Almost all WannaCry victims were running Windows 7"</a>. <a href="/wiki/The_Verge" title="The Verge">The Verge</a>. <a href="/wiki/Vox_Media" title="Vox Media">Vox Media</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20201116214712/https://www.theverge.com/2017/5/19/15665488/wannacry-windows-7-version-xp-patched-victim-statistics">Archived</a> from the original on 16 November 2020. Retrieved 10 December 2020.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Verge&rft.atitle=Almost+all+WannaCry+victims+were+running+Windows+7&rft.date=2017-05-19&rft.aulast=Brandom&rft.aufirst=Russell&rft_id=https%3A%2F%2Fwww.theverge.com%2F2017%2F5%2F19%2F15665488%2Fwannacry-windows-7-version-xp-patched-victim-statistics&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-verge-xpimpact-44">^ <a href="#cite_ref-verge-xpimpact_44-0">a</a> <a href="#cite_ref-verge-xpimpact_44-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFBrandom2017" class="citation web cs1">Brandom, Russell (30 May 2017). <a rel="nofollow" class="external text" href="https://www.theverge.com/2017/5/30/15712542/windows-xp-wannacry-protect-ransomware-blue-screen">"Windows XP computers were mostly immune to WannaCry"</a>. <a href="/wiki/The_Verge" title="The Verge">The Verge</a>. <a href="/wiki/Vox_Media" title="Vox Media">Vox Media</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210211014116/https://www.theverge.com/2017/5/30/15712542/windows-xp-wannacry-protect-ransomware-blue-screen">Archived</a> from the original on 11 February 2021. Retrieved 10 December 2020.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Verge&rft.atitle=Windows+XP+computers+were+mostly+immune+to+WannaCry&rft.date=2017-05-30&rft.aulast=Brandom&rft.aufirst=Russell&rft_id=https%3A%2F%2Fwww.theverge.com%2F2017%2F5%2F30%2F15712542%2Fwindows-xp-wannacry-protect-ransomware-blue-screen&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-kl-twoweekslater-45"><a href="#cite_ref-kl-twoweekslater_45-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://blog.kryptoslogic.com/malware/2017/05/29/two-weeks-later.html">"WannaCry: Two Weeks and 16 Million Averted May 2017"</a>. 30 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170530071329/https://blog.kryptoslogic.com/malware/2017/05/29/two-weeks-later.html">Archived</a> from the original on 30 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=WannaCry%3A+Two+Weeks+and+16+Million+Averted+May+2017&rft.date=2017-05-30&rft_id=https%3A%2F%2Fblog.kryptoslogic.com%2Fmalware%2F2017%2F05%2F29%2Ftwo-weeks-later.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-46"><a href="#cite_ref-46">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.newsit.gr/kosmos/pagkosmios-tromos-pano-apo-100-xores-xtypisan-oi-xakers-poy-zitoyn-lytra/1023246/">"Παγκόσμιος τρόμος: Πάνω από 100 χώρες "χτύπησε" ο WannaCry που ζητάει λύτρα!"</a>. newsit.gr. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20191116133845/https://www.newsit.gr/kosmos/pagkosmios-tromos-pano-apo-100-xores-xtypisan-oi-xakers-poy-zitoyn-lytra/1023246/">Archived</a> from the original on 16 November 2019. Retrieved 16 November 2019.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=newsit.gr&rft.atitle=%CE%A0%CE%B1%CE%B3%CE%BA%CF%8C%CF%83%CE%BC%CE%B9%CE%BF%CF%82+%CF%84%CF%81%CF%8C%CE%BC%CE%BF%CF%82%3A+%CE%A0%CE%AC%CE%BD%CF%89+%CE%B1%CF%80%CF%8C+100+%CF%87%CF%8E%CF%81%CE%B5%CF%82+%22%CF%87%CF%84%CF%8D%CF%80%CE%B7%CF%83%CE%B5%22+%CE%BF+WannaCry+%CF%80%CE%BF%CF%85+%CE%B6%CE%B7%CF%84%CE%AC%CE%B5%CE%B9+%CE%BB%CF%8D%CF%84%CF%81%CE%B1%21&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.newsit.gr%2Fkosmos%2Fpagkosmios-tromos-pano-apo-100-xores-xtypisan-oi-xakers-poy-zitoyn-lytra%2F1023246%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-NS-47"><a href="#cite_ref-NS_47-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFReynolds2017" class="citation journal cs1">Reynolds, Matt (17 May 2017). <a rel="nofollow" class="external text" href="https://www.newscientist.com/article/mg23431263-500-ransomware-attack-hits-200000-computers-across-the-globe/">"Ransomware attack hits 200,000 computers across the globe"</a>. New Scientist. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190419105359/https://www.newscientist.com/article/mg23431263-500-ransomware-attack-hits-200000-computers-across-the-globe/">Archived</a> from the original on 19 April 2019. Retrieved 10 December 2020.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=New+Scientist&rft.atitle=Ransomware+attack+hits+200%2C000+computers+across+the+globe&rft.date=2017-05-17&rft.aulast=Reynolds&rft.aufirst=Matt&rft_id=https%3A%2F%2Fwww.newscientist.com%2Farticle%2Fmg23431263-500-ransomware-attack-hits-200000-computers-across-the-globe%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-BBC-48"><a href="#cite_ref-BBC_48-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFBaraniuk2017" class="citation news cs1">Baraniuk, Chris (15 May 2017). <a rel="nofollow" class="external text" href="https://www.bbc.com/news/technology-39920269">"Should you pay the WannaCry ransom?"</a>. BBC News. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20201129180914/https://www.bbc.com/news/technology-39920269">Archived</a> from the original on 29 November 2020. Retrieved 10 December 2020.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=BBC+News&rft.atitle=Should+you+pay+the+WannaCry+ransom%3F&rft.date=2017-05-15&rft.aulast=Baraniuk&rft.aufirst=Chris&rft_id=https%3A%2F%2Fwww.bbc.com%2Fnews%2Ftechnology-39920269&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-49"><a href="#cite_ref-49">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFPalmer2017" class="citation news cs1">Palmer, Danny (22 May 2017). <a rel="nofollow" class="external text" href="https://www.zdnet.com/article/ransomware-wannacry-was-basic-next-time-could-be-much-worse/">"Ransomware: WannaCry was basic, next time could be much worse"</a>. ZDNet. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20201129112124/https://www.zdnet.com/article/ransomware-wannacry-was-basic-next-time-could-be-much-worse/">Archived</a> from the original on 29 November 2020. Retrieved 10 December 2020.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=ZDNet&rft.atitle=Ransomware%3A+WannaCry+was+basic%2C+next+time+could+be+much+worse&rft.date=2017-05-22&rft.aulast=Palmer&rft.aufirst=Danny&rft_id=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fransomware-wannacry-was-basic-next-time-could-be-much-worse%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-50"><a href="#cite_ref-50">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFCollins2017" class="citation news cs1">Collins, Keith (13 May 2017). <a rel="nofollow" class="external text" href="https://qz.com/982993/watch-as-these-bitcoin-wallets-receive-ransomware-payments-from-the-ongoing-cyberattack/">"Watch as these bitcoin wallets receive ransomware payments from the ongoing global cyberattack"</a>. <a href="/wiki/Quartz_(publication)" title="Quartz (publication)">Quartz</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210604030648/https://qz.com/982993/watch-as-these-bitcoin-wallets-receive-ransomware-payments-from-the-ongoing-cyberattack/">Archived</a> from the original on 4 June 2021. Retrieved 10 December 2020.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Quartz&rft.atitle=Watch+as+these+bitcoin+wallets+receive+ransomware+payments+from+the+ongoing+global+cyberattack&rft.date=2017-05-13&rft.aulast=Collins&rft.aufirst=Keith&rft_id=https%3A%2F%2Fqz.com%2F982993%2Fwatch-as-these-bitcoin-wallets-receive-ransomware-payments-from-the-ongoing-cyberattack%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-51"><a href="#cite_ref-51">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFThompson2017" class="citation web cs1">Thompson, Iain (16 May 2017). <a rel="nofollow" class="external text" href="https://www.theregister.co.uk/2017/05/16/microsoft_stockpiling_flaws_too/">"While Microsoft griped about NSA exploit stockpiles, it stockpiled patches: Friday's WinXP fix was built in February"</a>. The Register. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171222051650/https://www.theregister.co.uk/2017/05/16/microsoft_stockpiling_flaws_too/">Archived</a> from the original on 22 December 2017. Retrieved 19 December 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Register&rft.atitle=While+Microsoft+griped+about+NSA+exploit+stockpiles%2C+it+stockpiled+patches%3A+Friday%27s+WinXP+fix+was+built+in+February&rft.date=2017-05-16&rft.aulast=Thompson&rft.aufirst=Iain&rft_id=https%3A%2F%2Fwww.theregister.co.uk%2F2017%2F05%2F16%2Fmicrosoft_stockpiling_flaws_too%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-52"><a href="#cite_ref-52">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFHern2017" class="citation news cs1">Hern, Alex (14 June 2017). <a rel="nofollow" class="external text" href="https://www.theguardian.com/technology/2017/jun/14/wannacry-attacks-prompt-microsoft-to-release-updates-for-older-windows-versions">"WannaCry attacks prompt Microsoft to release Windows updates for older versions"</a>. The Guardian. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/0261-3077">0261-3077</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170614121359/https://www.theguardian.com/technology/2017/jun/14/wannacry-attacks-prompt-microsoft-to-release-updates-for-older-windows-versions">Archived</a> from the original on 14 June 2017. Retrieved 14 June 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Guardian&rft.atitle=WannaCry+attacks+prompt+Microsoft+to+release+Windows+updates+for+older+versions&rft.date=2017-06-14&rft.issn=0261-3077&rft.aulast=Hern&rft.aufirst=Alex&rft_id=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2017%2Fjun%2F14%2Fwannacry-attacks-prompt-microsoft-to-release-updates-for-older-windows-versions&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-53"><a href="#cite_ref-53">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.computing.co.uk/ctg/news/3011916/microsoft-rushes-out-patch-for-windows-xp-to-prevent-another-wannacry-attack-via-a-shadow-brokers-release">"Microsoft rushes out patch for Windows XP to prevent another WannaCry attack via a Shadow Brokers release"</a>. Computing.com. 14 June 2017. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/0261-3077">0261-3077</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170614202952/https://www.computing.co.uk/ctg/news/3011916/microsoft-rushes-out-patch-for-windows-xp-to-prevent-another-wannacry-attack-via-a-shadow-brokers-release">Archived</a> from the original on 14 June 2017. Retrieved 14 June 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Computing.com&rft.atitle=Microsoft+rushes+out+patch+for+Windows+XP+to+prevent+another+WannaCry+attack+via+a+Shadow+Brokers+release&rft.date=2017-06-14&rft.issn=0261-3077&rft_id=https%3A%2F%2Fwww.computing.co.uk%2Fctg%2Fnews%2F3011916%2Fmicrosoft-rushes-out-patch-for-windows-xp-to-prevent-another-wannacry-attack-via-a-shadow-brokers-release&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-54"><a href="#cite_ref-54">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="http://www.abc.net.au/news/2017-05-16/ransomware-cyberattack-marcus-hutchins-gives-interview/8530574">"'Just doing my bit': The 22yo who blocked the WannaCry cyberattack"</a>. ABC News. 16 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170517060218/http://www.abc.net.au/news/2017-05-16/ransomware-cyberattack-marcus-hutchins-gives-interview/8530574">Archived</a> from the original on 17 May 2017. Retrieved 17 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=ABC+News&rft.atitle=%27Just+doing+my+bit%27%3A+The+22yo+who+blocked+the+WannaCry+cyberattack&rft.date=2017-05-16&rft_id=http%3A%2F%2Fwww.abc.net.au%2Fnews%2F2017-05-16%2Fransomware-cyberattack-marcus-hutchins-gives-interview%2F8530574&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-MalwareTech-55">^ <a href="#cite_ref-MalwareTech_55-0">a</a> <a href="#cite_ref-MalwareTech_55-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMalwareTech2017" class="citation web cs1"><a href="/wiki/MalwareTech" class="mw-redirect" title="MalwareTech">MalwareTech</a> (13 May 2017). <a rel="nofollow" class="external text" href="https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html">"How to Accidentally Stop a Global Cyber Attacks"</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170514192136/https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html">Archived</a> from the original on 14 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=How+to+Accidentally+Stop+a+Global+Cyber+Attacks&rft.date=2017-05-13&rft.au=MalwareTech&rft_id=https%3A%2F%2Fwww.malwaretech.com%2F2017%2F05%2Fhow-to-accidentally-stop-a-global-cyber-attacks.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-56"><a href="#cite_ref-56">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFBodkinHendersonDonnellyMendick2017" class="citation news cs1">Bodkin, Henry; Henderson, Barney; Donnelly, Laura; Mendick, Robert; Farmer, Ben; and Graham, Chris (12 May 2017). <a rel="nofollow" class="external text" href="https://www.telegraph.co.uk/news/2017/05/12/nhs-hit-major-cyber-attack-hackers-demanding-ransom/">"Government under pressure after NHS crippled in global cyber attack as weekend of chaos looms"</a>. The Telegraph. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180327080328/https://www.telegraph.co.uk/news/2017/05/12/nhs-hit-major-cyber-attack-hackers-demanding-ransom/">Archived</a> from the original on 27 March 2018. Retrieved 5 April 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Telegraph&rft.atitle=Government+under+pressure+after+NHS+crippled+in+global+cyber+attack+as+weekend+of+chaos+looms&rft.date=2017-05-12&rft.aulast=Bodkin&rft.aufirst=Henry&rft.au=Henderson%2C+Barney&rft.au=Donnelly%2C+Laura&rft.au=Mendick%2C+Robert&rft.au=Farmer%2C+Ben&rft.au=Graham%2C+Chris&rft_id=https%3A%2F%2Fwww.telegraph.co.uk%2Fnews%2F2017%2F05%2F12%2Fnhs-hit-major-cyber-attack-hackers-demanding-ransom%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-57"><a href="#cite_ref-57">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFThomson2017" class="citation web cs1">Thomson, Iain (13 May 2017). <a rel="nofollow" class="external text" href="https://www.theregister.co.uk/2017/05/13/wannacrypt_ransomware_worm/">"74 countries hit by NSA-powered WannaCrypt ransomware backdoor: Emergency fixes emitted by Microsoft for WinXP+"</a>. The Register. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170513064430/https://www.theregister.co.uk/2017/05/13/wannacrypt_ransomware_worm/">Archived</a> from the original on 13 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Register&rft.atitle=74+countries+hit+by+NSA-powered+WannaCrypt+ransomware+backdoor%3A+Emergency+fixes+emitted+by+Microsoft+for+WinXP%2B&rft.date=2017-05-13&rft.aulast=Thomson&rft.aufirst=Iain&rft_id=https%3A%2F%2Fwww.theregister.co.uk%2F2017%2F05%2F13%2Fwannacrypt_ransomware_worm%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-58"><a href="#cite_ref-58">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFKhomamiSolon2017" class="citation web cs1">Khomami, Nadia and Solon, Olivia (13 May 2017). <a rel="nofollow" class="external text" href="https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack">"'Accidental hero' halts ransomware attack and warns: this is not over"</a>. The Guardian. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190523162741/https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack">Archived</a> from the original on 23 May 2019. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Guardian&rft.atitle=%27Accidental+hero%27+halts+ransomware+attack+and+warns%3A+this+is+not+over&rft.date=2017-05-13&rft.aulast=Khomami&rft.aufirst=Nadia&rft.au=Solon%2C+Olivia&rft_id=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2017%2Fmay%2F13%2Faccidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-59"><a href="#cite_ref-59">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFNewman" class="citation news cs1">Newman, Lily Hay. <a rel="nofollow" class="external text" href="https://www.wired.com/2017/05/accidental-kill-switch-slowed-fridays-massive-ransomware-attack/">"How an Accidental 'Kill Switch' Slowed Friday's Massive Ransomware Attack"</a>. Wired Security. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170514001842/https://www.wired.com/2017/05/accidental-kill-switch-slowed-fridays-massive-ransomware-attack/">Archived</a> from the original on 14 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Wired+Security&rft.atitle=How+an+Accidental+%27Kill+Switch%27+Slowed+Friday%27s+Massive+Ransomware+Attack&rft.aulast=Newman&rft.aufirst=Lily+Hay&rft_id=https%3A%2F%2Fwww.wired.com%2F2017%2F05%2Faccidental-kill-switch-slowed-fridays-massive-ransomware-attack%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-60"><a href="#cite_ref-60">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFSolon2017" class="citation news cs1">Solon, Olivia (13 May 2017). <a rel="nofollow" class="external text" href="https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack">"'Accidental hero' finds kill switch to stop spread of ransomware cyber-attack"</a>. <a href="/wiki/The_Guardian" title="The Guardian">The Guardian</a>. London. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190523162741/https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack">Archived</a> from the original on 23 May 2019. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Guardian&rft.atitle=%27Accidental+hero%27+finds+kill+switch+to+stop+spread+of+ransomware+cyber-attack&rft.date=2017-05-13&rft.aulast=Solon&rft.aufirst=Olivia&rft_id=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2017%2Fmay%2F13%2Faccidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-61"><a href="#cite_ref-61">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFFoxx2017" class="citation web cs1">Foxx, Chris (13 May 2017). <a rel="nofollow" class="external text" href="https://www.bbc.co.uk/news/technology-39907049">"Global cyber-attack: Security blogger halts ransomware 'by accident'"</a>. BBC. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170513154327/http://www.bbc.co.uk/news/technology-39907049">Archived</a> from the original on 13 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Global+cyber-attack%3A+Security+blogger+halts+ransomware+%27by+accident%27&rft.pub=BBC&rft.date=2017-05-13&rft.aulast=Foxx&rft.aufirst=Chris&rft_id=https%3A%2F%2Fwww.bbc.co.uk%2Fnews%2Ftechnology-39907049&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-62"><a href="#cite_ref-62">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFKan2017" class="citation web cs1">Kan, Micael (12 May 2017). <a rel="nofollow" class="external text" href="http://www.pcworld.com/article/3196515/security/a-kill-switch-is-slowing-the-spread-of-wannacry-ransomware.html">"A 'kill switch' is slowing the spread of WannaCry ransomware"</a>. PC World. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516014121/http://pcworld.com/article/3196515/security/a-kill-switch-is-slowing-the-spread-of-wannacry-ransomware.html">Archived</a> from the original on 16 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=PC+World&rft.atitle=A+%27kill+switch%27+is+slowing+the+spread+of+WannaCry+ransomware&rft.date=2017-05-12&rft.aulast=Kan&rft.aufirst=Micael&rft_id=http%3A%2F%2Fwww.pcworld.com%2Farticle%2F3196515%2Fsecurity%2Fa-kill-switch-is-slowing-the-spread-of-wannacry-ransomware.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-63"><a href="#cite_ref-63">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.computerworld.com/article/3196686/security/kill-switch-helps-slow-the-spread-of-wannacry-ransomware.html/">"How an Accidental 'Kill Switch' Slowed Friday's Massive Ransomware Attack"</a>. 12 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171222162742/https://www.computerworld.com/article/3196686/security/kill-switch-helps-slow-the-spread-of-wannacry-ransomware.html">Archived</a> from the original on 22 December 2017. Retrieved 19 December 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=How+an+Accidental+%27Kill+Switch%27+Slowed+Friday%27s+Massive+Ransomware+Attack&rft.date=2017-05-12&rft_id=https%3A%2F%2Fwww.computerworld.com%2Farticle%2F3196686%2Fsecurity%2Fkill-switch-helps-slow-the-spread-of-wannacry-ransomware.html%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-64"><a href="#cite_ref-64">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFWong2017" class="citation web cs1">Wong, Joon Ian (15 May 2017). <a rel="nofollow" class="external text" href="https://qz.com/983569/a-second-wave-of-wannacry-infections-has-been-halted-with-a-new-killswitch/">"Just two domain names now stand between the world and global ransomware chaos"</a>. Quartz. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180319214519/https://qz.com/983569/a-second-wave-of-wannacry-infections-has-been-halted-with-a-new-killswitch/">Archived</a> from the original on 19 March 2018. Retrieved 25 March 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Quartz&rft.atitle=Just+two+domain+names+now+stand+between+the+world+and+global+ransomware+chaos&rft.date=2017-05-15&rft.aulast=Wong&rft.aufirst=Joon+Ian&rft_id=https%3A%2F%2Fqz.com%2F983569%2Fa-second-wave-of-wannacry-infections-has-been-halted-with-a-new-killswitch%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-65"><a href="#cite_ref-65">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://umbrella.cisco.com/blog/2017/05/16/the-hours-of-wannacry/">"The Hours of WannaCry"</a>. 17 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180326063938/https://umbrella.cisco.com/blog/2017/05/16/the-hours-of-wannacry/">Archived</a> from the original on 26 March 2018. Retrieved 25 March 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=The+Hours+of+WannaCry&rft.date=2017-05-17&rft_id=https%3A%2F%2Fumbrella.cisco.com%2Fblog%2F2017%2F05%2F16%2Fthe-hours-of-wannacry%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-66"><a href="#cite_ref-66">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://blog.checkpoint.com/2017/05/15/wannacry-new-kill-switch-new-sinkhole/">"WannaCry – New Kill-Switch, New Sinkhole"</a>. Check Point Software Blog. 15 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190411090035/https://blog.checkpoint.com/2017/05/15/wannacry-new-kill-switch-new-sinkhole/">Archived</a> from the original on 11 April 2019. Retrieved 11 April 2019.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Check+Point+Software+Blog&rft.atitle=WannaCry+%E2%80%93+New+Kill-Switch%2C+New+Sinkhole&rft.date=2017-05-15&rft_id=https%3A%2F%2Fblog.checkpoint.com%2F2017%2F05%2F15%2Fwannacry-new-kill-switch-new-sinkhole%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-spiegel1-67"><a href="#cite_ref-spiegel1_67-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFKhandelwal" class="citation news cs1">Khandelwal, Swati. <a rel="nofollow" class="external text" href="http://thehackernews.com/2017/05/wannacry-ransomware-cyber-attack.html">"It's Not Over, WannaCry 2.0 Ransomware Just Arrived With No 'Kill-Switch'"</a>. The Hacker News. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210604030646/https://thehackernews.com/2017/05/wannacry-ransomware-cyber-attack.html">Archived</a> from the original on 4 June 2021. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Hacker+News&rft.atitle=It%27s+Not+Over%2C+WannaCry+2.0+Ransomware+Just+Arrived+With+No+%27Kill-Switch%27&rft.aulast=Khandelwal&rft.aufirst=Swati&rft_id=http%3A%2F%2Fthehackernews.com%2F2017%2F05%2Fwannacry-ransomware-cyber-attack.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-68"><a href="#cite_ref-68">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFShieber" class="citation news cs1">Shieber, Jonathan. <a rel="nofollow" class="external text" href="https://techcrunch.com/2017/05/14/companies-governments-brace-for-a-second-round-of-cyberattacks-in-wannacrys-wake/">"Companies, governments brace for a second round of cyberattacks in WannaCry's wake"</a>. TechCrunch. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210604030646/https://techcrunch.com/2017/05/14/companies-governments-brace-for-a-second-round-of-cyberattacks-in-wannacrys-wake/">Archived</a> from the original on 4 June 2021. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=TechCrunch&rft.atitle=Companies%2C+governments+brace+for+a+second+round+of+cyberattacks+in+WannaCry%27s+wake&rft.aulast=Shieber&rft.aufirst=Jonathan&rft_id=https%3A%2F%2Ftechcrunch.com%2F2017%2F05%2F14%2Fcompanies-governments-brace-for-a-second-round-of-cyberattacks-in-wannacrys-wake%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-69"><a href="#cite_ref-69">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFChanScott2017" class="citation web cs1">Chan, Sewell; Scott, Mark (14 May 2017). <a rel="nofollow" class="external text" href="https://www.nytimes.com/2017/05/14/world/europe/cyberattacks-hack-computers-monday.html">"Cyberattack's Impact Could Worsen in 'Second Wave' of Ransomware"</a>. The New York Times. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210414030109/https://www.nytimes.com/2017/05/14/world/europe/cyberattacks-hack-computers-monday.html">Archived</a> from the original on 14 April 2021. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+New+York+Times&rft.atitle=Cyberattack%27s+Impact+Could+Worsen+in+%27Second+Wave%27+of+Ransomware&rft.date=2017-05-14&rft.aulast=Chan&rft.aufirst=Sewell&rft.au=Scott%2C+Mark&rft_id=https%3A%2F%2Fwww.nytimes.com%2F2017%2F05%2F14%2Fworld%2Feurope%2Fcyberattacks-hack-computers-monday.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-70"><a href="#cite_ref-70">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.nbcnews.com/news/us-news/blockbuster-wannacry-malware-could-just-be-getting-started-experts-n759356">"Warning: Blockbuster 'WannaCry' malware could just be getting started"</a>. <a href="/wiki/NBC_News" title="NBC News">NBC News</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210413193215/https://www.nbcnews.com/news/us-news/blockbuster-wannacry-malware-could-just-be-getting-started-experts-n759356">Archived</a> from the original on 13 April 2021. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=NBC+News&rft.atitle=Warning%3A+Blockbuster+%27WannaCry%27+malware+could+just+be+getting+started&rft_id=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Fblockbuster-wannacry-malware-could-just-be-getting-started-experts-n759356&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-71"><a href="#cite_ref-71">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGreenberg2017" class="citation magazine cs1">Greenberg, Andy (19 May 2017). <a rel="nofollow" class="external text" href="https://www.wired.com/2017/05/wannacry-ransomware-ddos-attack/">"Botnets Are Trying to Reignite the Ransomware Outbreak"</a>. WIRED. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170522065700/https://www.wired.com/2017/05/wannacry-ransomware-ddos-attack/">Archived</a> from the original on 22 May 2017. Retrieved 22 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=WIRED&rft.atitle=Botnets+Are+Trying+to+Reignite+the+Ransomware+Outbreak&rft.date=2017-05-19&rft.aulast=Greenberg&rft.aufirst=Andy&rft_id=https%3A%2F%2Fwww.wired.com%2F2017%2F05%2Fwannacry-ransomware-ddos-attack%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-72"><a href="#cite_ref-72">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGibbs2017" class="citation news cs1">Gibbs, Samuel (22 May 2017). <a rel="nofollow" class="external text" href="https://www.theguardian.com/technology/2017/may/22/wannacry-hackers-ransomware-attack-kill-switch-windows-xp-7-nhs-accidental-hero-marcus-hutchins">"WannaCry hackers still trying to revive attack says accidental hero"</a>. The Guardian. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20200304035848/https://www.theguardian.com/technology/2017/may/22/wannacry-hackers-ransomware-attack-kill-switch-windows-xp-7-nhs-accidental-hero-marcus-hutchins">Archived</a> from the original on 4 March 2020. Retrieved 22 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Guardian&rft.atitle=WannaCry+hackers+still+trying+to+revive+attack+says+accidental+hero&rft.date=2017-05-22&rft.aulast=Gibbs&rft.aufirst=Samuel&rft_id=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2017%2Fmay%2F22%2Fwannacry-hackers-ransomware-attack-kill-switch-windows-xp-7-nhs-accidental-hero-marcus-hutchins&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-73"><a href="#cite_ref-73">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.bu.edu/eng/2017/05/18/protection-from-ransomware-like-wannacry/">"Protection from Ransomware like WannaCry"</a>. College of Engineering. <a href="/wiki/Boston_University" title="Boston University">Boston University</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170531121722/http://www.bu.edu/eng/2017/05/18/protection-from-ransomware-like-wannacry/">Archived</a> from the original on 31 May 2017. Retrieved 19 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Protection+from+Ransomware+like+WannaCry&rft.pub=Boston+University&rft_id=https%3A%2F%2Fwww.bu.edu%2Feng%2F2017%2F05%2F18%2Fprotection-from-ransomware-like-wannacry%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-74"><a href="#cite_ref-74">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFKolodenker2017" class="citation web cs1">Kolodenker, Eugene (16 May 2017). <a rel="nofollow" class="external text" href="https://www.benthamsgaze.org/2017/05/16/paybreak-able-to-defeat-wannacrywannacryptor-ransomware/">"PayBreak able to defeat WannaCry/WannaCryptor ransomware"</a>. Information Security Research & Education. Bentham's Gaze. <a href="/wiki/University_College_London" title="University College London">University College London</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516121452/https://www.benthamsgaze.org/2017/05/16/paybreak-able-to-defeat-wannacrywannacryptor-ransomware/">Archived</a> from the original on 16 May 2017. Retrieved 19 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Bentham%27s+Gaze&rft.atitle=PayBreak+able+to+defeat+WannaCry%2FWannaCryptor+ransomware&rft.date=2017-05-16&rft.aulast=Kolodenker&rft.aufirst=Eugene&rft_id=https%3A%2F%2Fwww.benthamsgaze.org%2F2017%2F05%2F16%2Fpaybreak-able-to-defeat-wannacrywannacryptor-ransomware%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-75"><a href="#cite_ref-75">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFSuiche2017" class="citation web cs1">Suiche, Matt (19 May 2017). <a rel="nofollow" class="external text" href="https://blog.comae.io/wannacry-decrypting-files-with-wanakiwi-demo-86bafb81112d">"WannaCry — Decrypting files with WanaKiwi + Demos"</a>. Comae Technologies. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190808020050/https://blog.comae.io/wannacry-decrypting-files-with-wanakiwi-demo-86bafb81112d">Archived</a> from the original on 8 August 2019. Retrieved 11 February 2019.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Comae+Technologies&rft.atitle=WannaCry+%E2%80%94+Decrypting+files+with+WanaKiwi+%2B+Demos&rft.date=2017-05-19&rft.aulast=Suiche&rft.aufirst=Matt&rft_id=https%3A%2F%2Fblog.comae.io%2Fwannacry-decrypting-files-with-wanakiwi-demo-86bafb81112d&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-zdnet-xpwannakey-76"><a href="#cite_ref-zdnet-xpwannakey_76-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.zdnet.com/article/windows-xp-hit-by-wannacry-ransomware-this-tool-could-decrypt-your-infected-files/">"Windows XP hit by WannaCry ransomware? This tool could decrypt your infected files"</a>. ZDNet. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170523142948/http://www.zdnet.com/article/windows-xp-hit-by-wannacry-ransomware-this-tool-could-decrypt-your-infected-files/">Archived</a> from the original on 23 May 2017. Retrieved 30 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=ZDNet&rft.atitle=Windows+XP+hit+by+WannaCry+ransomware%3F+This+tool+could+decrypt+your+infected+files&rft_id=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fwindows-xp-hit-by-wannacry-ransomware-this-tool-could-decrypt-your-infected-files%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-ars-wannakey-77"><a href="#cite_ref-ars-wannakey_77-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://arstechnica.co.uk/security/2017/05/windows-xp-wannacry-decryption/">"Windows XP PCs infected by WannaCry can be decrypted without paying ransom"</a>. Ars Technica. 18 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170531080228/https://arstechnica.co.uk/security/2017/05/windows-xp-wannacry-decryption/">Archived</a> from the original on 31 May 2017. Retrieved 30 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Ars+Technica&rft.atitle=Windows+XP+PCs+infected+by+WannaCry+can+be+decrypted+without+paying+ransom&rft.date=2017-05-18&rft_id=https%3A%2F%2Farstechnica.co.uk%2Fsecurity%2F2017%2F05%2Fwindows-xp-wannacry-decryption%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-78"><a href="#cite_ref-78">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGreenberg2017" class="citation magazine cs1">Greenberg, Andy (18 May 2017). <a rel="nofollow" class="external text" href="https://www.wired.com/2017/05/wannacry-flaw-help-windows-xp-victims-get-files-back/">"A WannaCry flaw could help some windows XP users get files back"</a>. Wired. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170518232007/https://www.wired.com/2017/05/wannacry-flaw-help-windows-xp-victims-get-files-back/">Archived</a> from the original on 18 May 2017. Retrieved 18 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Wired&rft.atitle=A+WannaCry+flaw+could+help+some+windows+XP+users+get+files+back&rft.date=2017-05-18&rft.aulast=Greenberg&rft.aufirst=Andy&rft_id=https%3A%2F%2Fwww.wired.com%2F2017%2F05%2Fwannacry-flaw-help-windows-xp-victims-get-files-back%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-ars-wanakiwi-79"><a href="#cite_ref-ars-wanakiwi_79-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://arstechnica.com/security/2017/05/more-people-infected-by-recent-wcry-worm-can-unlock-pcs-without-paying-ransom/">"More people infected by recent WCry worm can unlock PCs without paying ransom"</a>. Ars Technica. 19 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170522160218/https://arstechnica.com/security/2017/05/more-people-infected-by-recent-wcry-worm-can-unlock-pcs-without-paying-ransom/">Archived</a> from the original on 22 May 2017. Retrieved 30 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Ars+Technica&rft.atitle=More+people+infected+by+recent+WCry+worm+can+unlock+PCs+without+paying+ransom&rft.date=2017-05-19&rft_id=https%3A%2F%2Farstechnica.com%2Fsecurity%2F2017%2F05%2Fmore-people-infected-by-recent-wcry-worm-can-unlock-pcs-without-paying-ransom%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-Volz-80"><a href="#cite_ref-Volz_80-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFVolz2017" class="citation news cs1">Volz, Dustin (17 May 2017). <a rel="nofollow" class="external text" href="https://www.reuters.com/article/us-cyber-attack-idUSKCN18B0AC">"Cyber attack eases, hacking group threatens to sell code"</a>. Reuters. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170521035543/http://www.reuters.com/article/us-cyber-attack-idUSKCN18B0AC">Archived</a> from the original on 21 May 2017. Retrieved 21 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Reuters&rft.atitle=Cyber+attack+eases%2C+hacking+group+threatens+to+sell+code&rft.date=2017-05-17&rft.aulast=Volz&rft.aufirst=Dustin&rft_id=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-attack-idUSKCN18B0AC&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-register-language-81"><a href="#cite_ref-register-language_81-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFLeyden2017" class="citation web cs1">Leyden, John (26 May 2017). <a rel="nofollow" class="external text" href="https://www.theregister.co.uk/2017/05/26/wannacrypt_ransom_note_linguistics/">"WannaCrypt ransomware note likely written by Google Translate-using Chinese speakers"</a>. <a href="/wiki/The_Register" title="The Register">The Register</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170526143053/https://www.theregister.co.uk/2017/05/26/wannacrypt_ransom_note_linguistics/">Archived</a> from the original on 26 May 2017. Retrieved 26 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Register&rft.atitle=WannaCrypt+ransomware+note+likely+written+by+Google+Translate-using+Chinese+speakers&rft.date=2017-05-26&rft.aulast=Leyden&rft.aufirst=John&rft_id=https%3A%2F%2Fwww.theregister.co.uk%2F2017%2F05%2F26%2Fwannacrypt_ransom_note_linguistics%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-82"><a href="#cite_ref-82">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFCondraCostelloChu2017" class="citation news cs1">Condra, Jon; Costello, John; Chu, Sherman (25 May 2017). <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170527181100/https://www.flashpoint-intel.com/blog/linguistic-analysis-wannacry-ransomware/">"Linguistic Analysis of WannaCry Ransomware Messages Suggests Chinese-Speaking Authors"</a>. Flashpoint. Archived from <a rel="nofollow" class="external text" href="https://www.flashpoint-intel.com/blog/linguistic-analysis-wannacry-ransomware/">the original</a> on 27 May 2017. <q>Flashpoint assesses with high confidence that the author(s) of WannaCry's ransomware notes are fluent in Chinese, as the language used is consistent with that of Southern China, Hong Kong, Taiwan, or Singapore. Flashpoint also assesses with high confidence that the author(s) are familiar with the English language, though not native. [...] Flashpoint assesses with moderate confidence that the Chinese ransom note served as the original source for the English version, which then generated machine translated versions of the other notes. The Chinese version contains content not in any of the others, though no other notes contain content not in the Chinese. The relative familiarity found in the Chinese text compared to the others suggests the authors were fluent in the language—perhaps comfortable enough to use the language to write the initial note.</q></cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Linguistic+Analysis+of+WannaCry+Ransomware+Messages+Suggests+Chinese-Speaking+Authors&rft.date=2017-05-25&rft.aulast=Condra&rft.aufirst=Jon&rft.au=Costello%2C+John&rft.au=Chu%2C+Sherman&rft_id=https%3A%2F%2Fwww.flashpoint-intel.com%2Fblog%2Flinguistic-analysis-wannacry-ransomware%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-83"><a href="#cite_ref-83">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFGreenberg2017" class="citation magazine cs1">Greenberg, Andy (15 May 2017). <a rel="nofollow" class="external text" href="https://www.wired.com/2017/05/wannacry-ransomware-link-suspected-north-korean-hackers/">"The Ransomware Outbreak Has a Possible Link to North Korea"</a>. Wired. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180323155609/https://www.wired.com/2017/05/wannacry-ransomware-link-suspected-north-korean-hackers/">Archived</a> from the original on 23 March 2018. Retrieved 25 March 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Wired&rft.atitle=The+Ransomware+Outbreak+Has+a+Possible+Link+to+North+Korea&rft.date=2017-05-15&rft.aulast=Greenberg&rft.aufirst=Andy&rft_id=https%3A%2F%2Fwww.wired.com%2F2017%2F05%2Fwannacry-ransomware-link-suspected-north-korean-hackers%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-84"><a href="#cite_ref-84">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://thehackernews.com/2017/05/wannacry-lazarus-north-korea.html">"Google Researcher Finds Link Between WannaCry Attacks and North Korea"</a>. The Hacker News — Cyber Security and Hacking News Website. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180325232333/https://thehackernews.com/2017/05/wannacry-lazarus-north-korea.html">Archived</a> from the original on 25 March 2018. Retrieved 25 March 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Hacker+News+%E2%80%94+Cyber+Security+and+Hacking+News+Website&rft.atitle=Google+Researcher+Finds+Link+Between+WannaCry+Attacks+and+North+Korea&rft_id=https%3A%2F%2Fthehackernews.com%2F2017%2F05%2Fwannacry-lazarus-north-korea.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-85"><a href="#cite_ref-85">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMehta2017" class="citation web cs1">Mehta, Neel [@neelmehta] (15 May 2017). <a rel="nofollow" class="external text" href="https://x.com/neelmehta/status/864164081116225536">"9c7c7149387a1c79679a87dd1ba755bc @ 0x402560, 0x40F598 ac21c8ad899727137c4b94458d7aa8d8 @ 0x10004ba0, 0x10012AA4 #WannaCryptAttribution"</a> (<a href="/wiki/Tweet_(social_media)" title="Tweet (social media)">Tweet</a>) – via <a href="/wiki/Twitter" title="Twitter">Twitter</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=9c7c7149387a1c79679a87dd1ba755bc+%40+0x402560%2C+0x40F598+ac21c8ad899727137c4b94458d7aa8d8+%40+0x10004ba0%2C+0x10012AA4+%23WannaCryptAttribution&rft.date=2017-05-15&rft.aulast=Mehta&rft.aufirst=Neel&rft_id=https%3A%2F%2Fx.com%2Fneelmehta%2Fstatus%2F864164081116225536&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-86"><a href="#cite_ref-86">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMcMillan2017" class="citation news cs1">McMillan, Robert (16 May 2017). <a rel="nofollow" class="external text" href="https://www.wsj.com/articles/researchers-identify-clue-connecting-ransomware-assault-to-group-tied-to-north-korea-1494898740">"Researchers Identify Clue Connecting Ransomware Assault to Group Tied to North Korea"</a>. The Wall Street Journal. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180323155301/https://www.wsj.com/articles/researchers-identify-clue-connecting-ransomware-assault-to-group-tied-to-north-korea-1494898740">Archived</a> from the original on 23 March 2018. Retrieved 25 March 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Wall+Street+Journal&rft.atitle=Researchers+Identify+Clue+Connecting+Ransomware+Assault+to+Group+Tied+to+North+Korea&rft.date=2017-05-16&rft.aulast=McMillan&rft.aufirst=Robert&rft_id=https%3A%2F%2Fwww.wsj.com%2Farticles%2Fresearchers-identify-clue-connecting-ransomware-assault-to-group-tied-to-north-korea-1494898740&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-attrib-1-87">^ <a href="#cite_ref-attrib-1_87-0">a</a> <a href="#cite_ref-attrib-1_87-1">b</a> <a href="#cite_ref-attrib-1_87-2">c</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFSolong2017" class="citation news cs1">Solong, Olivia (15 May 2017). <a rel="nofollow" class="external text" href="https://www.theguardian.com/technology/2017/may/15/wannacry-ransomware-north-korea-lazarus-group">"WannaCry ransomware has links to North Korea, cybersecurity experts say"</a>. The Guardian. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516184006/https://www.theguardian.com/technology/2017/may/15/wannacry-ransomware-north-korea-lazarus-group">Archived</a> from the original on 16 May 2017. Retrieved 16 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Guardian&rft.atitle=WannaCry+ransomware+has+links+to+North+Korea%2C+cybersecurity+experts+say&rft.date=2017-05-15&rft.aulast=Solong&rft.aufirst=Olivia&rft_id=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2017%2Fmay%2F15%2Fwannacry-ransomware-north-korea-lazarus-group&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-88"><a href="#cite_ref-88">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFTalmadge2017" class="citation news cs1">Talmadge, Eric (19 May 2017). <a rel="nofollow" class="external text" href="https://www.independent.ie/world-news/experts-question-north-korea-role-in-wannacry-cyber-attack-35732827.html">"Experts question North Korea role in WannaCry cyber attack"</a>. independent.ie. AP. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170523123102/http://www.independent.ie/world-news/experts-question-north-korea-role-in-wannacry-cyber-attack-35732827.html">Archived</a> from the original on 23 May 2017. Retrieved 22 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=independent.ie&rft.atitle=Experts+question+North+Korea+role+in+WannaCry+cyber+attack&rft.date=2017-05-19&rft.aulast=Talmadge&rft.aufirst=Eric&rft_id=https%3A%2F%2Fwww.independent.ie%2Fworld-news%2Fexperts-question-north-korea-role-in-wannacry-cyber-attack-35732827.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-washpo-nsa-dprk-89"><a href="#cite_ref-washpo-nsa-dprk_89-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFNakashima" class="citation news cs1">Nakashima, Ellen. <a rel="nofollow" class="external text" href="https://www.washingtonpost.com/world/national-security/the-nsa-has-linked-the-wannacry-computer-worm-to-north-korea/2017/06/14/101395a2-508e-11e7-be25-3a519335381c_story.html">"The NSA has linked the WannaCry computer worm to North Korea"</a>. The Washington Post. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210604030732/https://www.washingtonpost.com/world/national-security/the-nsa-has-linked-the-wannacry-computer-worm-to-north-korea/2017/06/14/101395a2-508e-11e7-be25-3a519335381c_story.html">Archived</a> from the original on 4 June 2021. Retrieved 15 June 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Washington+Post&rft.atitle=The+NSA+has+linked+the+WannaCry+computer+worm+to+North+Korea&rft.aulast=Nakashima&rft.aufirst=Ellen&rft_id=https%3A%2F%2Fwww.washingtonpost.com%2Fworld%2Fnational-security%2Fthe-nsa-has-linked-the-wannacry-computer-worm-to-north-korea%2F2017%2F06%2F14%2F101395a2-508e-11e7-be25-3a519335381c_story.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-90"><a href="#cite_ref-90">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFHarley2017" class="citation news cs1">Harley, Nicola (14 October 2017). <a rel="nofollow" class="external text" href="https://www.telegraph.co.uk/news/2017/10/14/north-korea-behind-wannacry-attack-crippled-nhs-stealing-us/">"North Korea behind WannaCry attack which crippled the NHS after stealing US cyber weapons, Microsoft chief claims"</a>. The Telegraph. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/0307-1235">0307-1235</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171014054446/http://www.telegraph.co.uk/news/2017/10/14/north-korea-behind-wannacry-attack-crippled-nhs-stealing-us/">Archived</a> from the original on 14 October 2017. Retrieved 14 October 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Telegraph&rft.atitle=North+Korea+behind+WannaCry+attack+which+crippled+the+NHS+after+stealing+US+cyber+weapons%2C+Microsoft+chief+claims&rft.date=2017-10-14&rft.issn=0307-1235&rft.aulast=Harley&rft.aufirst=Nicola&rft_id=https%3A%2F%2Fwww.telegraph.co.uk%2Fnews%2F2017%2F10%2F14%2Fnorth-korea-behind-wannacry-attack-crippled-nhs-stealing-us%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-91"><a href="#cite_ref-91">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFHern2017" class="citation web cs1">Hern, Alex (26 October 2017). <a rel="nofollow" class="external text" href="https://www.theguardian.com/technology/2017/oct/27/nhs-could-have-avoided-wannacry-hack-basic-it-security-national-audit-office">"NHS could have avoided WannaCry hack with basic IT security' says report"</a>. The Guardian. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171026231603/https://www.theguardian.com/technology/2017/oct/27/nhs-could-have-avoided-wannacry-hack-basic-it-security-national-audit-office">Archived</a> from the original on 26 October 2017. Retrieved 26 October 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Guardian&rft.atitle=NHS+could+have+avoided+WannaCry+hack+with+basic+IT+security%27+says+report&rft.date=2017-10-26&rft.aulast=Hern&rft.aufirst=Alex&rft_id=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2017%2Foct%2F27%2Fnhs-could-have-avoided-wannacry-hack-basic-it-security-national-audit-office&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-92"><a href="#cite_ref-92">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFNakashima2017" class="citation news cs1">Nakashima, Ellen (18 December 2017). <a rel="nofollow" class="external text" href="https://www.washingtonpost.com/world/national-security/us-set-to-declare-north-korea-carried-out-massive-wannacry-cyber-attack/2017/12/18/509deb1c-e446-11e7-a65d-1ac0fd7f097e_story.html">"U.S. declares North Korea carried out massive WannaCry cyberattack"</a>. <a href="/wiki/The_Washington_Post" title="The Washington Post">The Washington Post</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171219002502/https://www.washingtonpost.com/world/national-security/us-set-to-declare-north-korea-carried-out-massive-wannacry-cyber-attack/2017/12/18/509deb1c-e446-11e7-a65d-1ac0fd7f097e_story.html">Archived</a> from the original on 19 December 2017. Retrieved 18 December 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Washington+Post&rft.atitle=U.S.+declares+North+Korea+carried+out+massive+WannaCry+cyberattack&rft.date=2017-12-18&rft.aulast=Nakashima&rft.aufirst=Ellen&rft_id=https%3A%2F%2Fwww.washingtonpost.com%2Fworld%2Fnational-security%2Fus-set-to-declare-north-korea-carried-out-massive-wannacry-cyber-attack%2F2017%2F12%2F18%2F509deb1c-e446-11e7-a65d-1ac0fd7f097e_story.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-93"><a href="#cite_ref-93">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFBossert2017" class="citation web cs1">Bossert, Thomas P. (18 December 2017). <a rel="nofollow" class="external text" href="https://www.wsj.com/articles/its-official-north-korea-is-behind-wannacry-1513642537">"It's Official: North Korea Is Behind WannaCry"</a>. <a href="/wiki/The_Wall_Street_Journal" title="The Wall Street Journal">The Wall Street Journal</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171219001723/https://www.wsj.com/articles/its-official-north-korea-is-behind-wannacry-1513642537">Archived</a> from the original on 19 December 2017. Retrieved 18 December 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Wall+Street+Journal&rft.atitle=It%27s+Official%3A+North+Korea+Is+Behind+WannaCry&rft.date=2017-12-18&rft.aulast=Bossert&rft.aufirst=Thomas+P.&rft_id=https%3A%2F%2Fwww.wsj.com%2Farticles%2Fits-official-north-korea-is-behind-wannacry-1513642537&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-94"><a href="#cite_ref-94">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFUchill2017" class="citation web cs1">Uchill, Joe (19 December 2017). <a rel="nofollow" class="external text" href="https://thehill.com/policy/cybersecurity/365580-wh-kim-jong-un-ordered-release-of-disastrous-wannacry-malware/">"WH: Kim Jong Un behind massive WannaCry malware attack"</a>. <a href="/wiki/The_Hill_(newspaper)" title="The Hill (newspaper)">The Hill</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171222003927/http://thehill.com/policy/cybersecurity/365580-wh-kim-jong-un-ordered-release-of-disastrous-wannacry-malware">Archived</a> from the original on 22 December 2017. Retrieved 19 December 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Hill&rft.atitle=WH%3A+Kim+Jong+Un+behind+massive+WannaCry+malware+attack&rft.date=2017-12-19&rft.aulast=Uchill&rft.aufirst=Joe&rft_id=https%3A%2F%2Fthehill.com%2Fpolicy%2Fcybersecurity%2F365580-wh-kim-jong-un-ordered-release-of-disastrous-wannacry-malware%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-95"><a href="#cite_ref-95">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.cbsnews.com/news/white-house-says-wannacry-attack-was-carried-out-by-north-korea/">"White House says WannaCry attack was carried out by North Korea"</a>. <a href="/wiki/CBS_News" title="CBS News">CBS News</a>. 19 December 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171222051640/https://www.cbsnews.com/news/white-house-says-wannacry-attack-was-carried-out-by-north-korea/">Archived</a> from the original on 22 December 2017. Retrieved 19 December 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=CBS+News&rft.atitle=White+House+says+WannaCry+attack+was+carried+out+by+North+Korea&rft.date=2017-12-19&rft_id=https%3A%2F%2Fwww.cbsnews.com%2Fnews%2Fwhite-house-says-wannacry-attack-was-carried-out-by-north-korea%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-96"><a href="#cite_ref-96">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFHernMcCurry2017" class="citation web cs1">Hern, Alex; McCurry, Justin (19 December 2017). <a rel="nofollow" class="external text" href="https://www.theguardian.com/technology/2017/dec/19/wannacry-cyberattack-us-says-it-has-evidence-north-korea-was-directly-responsible">"UK and US blame WannaCry cyber-attack on North Korea"</a>. <a href="/wiki/The_Guardian" title="The Guardian">The Guardian</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171219025118/https://www.theguardian.com/technology/2017/dec/19/wannacry-cyberattack-us-says-it-has-evidence-north-korea-was-directly-responsible">Archived</a> from the original on 19 December 2017. Retrieved 19 December 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Guardian&rft.atitle=UK+and+US+blame+WannaCry+cyber-attack+on+North+Korea&rft.date=2017-12-19&rft.aulast=Hern&rft.aufirst=Alex&rft.au=McCurry%2C+Justin&rft_id=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2017%2Fdec%2F19%2Fwannacry-cyberattack-us-says-it-has-evidence-north-korea-was-directly-responsible&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-97"><a href="#cite_ref-97">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.reuters.com/article/us-cyber-attack-northkorea-idUSKCN18F1X3">"North Korea says linking cyber attacks to Pyongyang is 'ridiculous'"</a>. Reuters. 19 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170520124734/http://www.reuters.com/article/us-cyber-attack-northkorea-idUSKCN18F1X3">Archived</a> from the original on 20 May 2017. Retrieved 21 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Reuters&rft.atitle=North+Korea+says+linking+cyber+attacks+to+Pyongyang+is+%27ridiculous%27&rft.date=2017-05-19&rft_id=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-attack-northkorea-idUSKCN18F1X3&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-98"><a href="#cite_ref-98">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.nytimes.com/aponline/2017/05/19/world/asia/ap-as-nkorea-wannacry-cyberattack-.html">"Experts Question North Korea Role in WannaCry Cyberattack"</a>. The New York Times. 19 May 2017. Retrieved 21 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+New+York+Times&rft.atitle=Experts+Question+North+Korea+Role+in+WannaCry+Cyberattack&rft.date=2017-05-19&rft_id=https%3A%2F%2Fwww.nytimes.com%2Faponline%2F2017%2F05%2F19%2Fworld%2Fasia%2Fap-as-nkorea-wannacry-cyberattack-.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-99"><a href="#cite_ref-99">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFSangerBennerGoldman2018" class="citation web cs1">Sanger, David; Benner, Katie; Goldman, Adam (6 September 2018). <a rel="nofollow" class="external text" href="https://www.nytimes.com/2018/09/06/us/politics/north-korea-sony-hack-wannacry-indictment.html">"North Korean Spy to Be Charged in Sony Pictures Hacking"</a>. <a href="/wiki/The_New_York_Times" title="The New York Times">The New York Times</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180906154623/https://www.nytimes.com/2018/09/06/us/politics/north-korea-sony-hack-wannacry-indictment.html">Archived</a> from the original on 6 September 2018. Retrieved 6 September 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+New+York+Times&rft.atitle=North+Korean+Spy+to+Be+Charged+in+Sony+Pictures+Hacking&rft.date=2018-09-06&rft.aulast=Sanger&rft.aufirst=David&rft.au=Benner%2C+Katie&rft.au=Goldman%2C+Adam&rft_id=https%3A%2F%2Fwww.nytimes.com%2F2018%2F09%2F06%2Fus%2Fpolitics%2Fnorth-korea-sony-hack-wannacry-indictment.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-100"><a href="#cite_ref-100">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFTalleyVolz2019" class="citation web cs1">Talley, Ian; Volz, Dustin (16 September 2019). <a rel="nofollow" class="external text" href="https://www.msn.com/en-us/news/world/us-targets-north-korean-hacking-as-national-security-threat/ar-AAHkAGU">"U.S. Targets North Korean Hacking as National-Security Threat"</a>. msn. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190920072703/https://www.msn.com/en-us/news/world/us-targets-north-korean-hacking-as-national-security-threat/ar-AAHkAGU">Archived</a> from the original on 20 September 2019. Retrieved 16 September 2019.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=msn&rft.atitle=U.S.+Targets+North+Korean+Hacking+as+National-Security+Threat&rft.date=2019-09-16&rft.aulast=Talley&rft.aufirst=Ian&rft.au=Volz%2C+Dustin&rft_id=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fworld%2Fus-targets-north-korean-hacking-as-national-security-threat%2Far-AAHkAGU&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-101"><a href="#cite_ref-101">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.bbc.com/news/world-europe-39907965">"Cyber-attack: Europol says it was unprecedented in scale"</a>. <a href="/wiki/BBC" title="BBC">BBC</a>. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170514152532/http://www.bbc.com/news/world-europe-39907965">Archived</a> from the original on 14 May 2017. Retrieved 22 June 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Cyber-attack%3A+Europol+says+it+was+unprecedented+in+scale&rft.pub=BBC&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.bbc.com%2Fnews%2Fworld-europe-39907965&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-Jones-102"><a href="#cite_ref-Jones_102-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFJones2017" class="citation news cs1">Jones, Sam (14 May 2017). "Global alert to prepare for fresh cyber attacks". Financial Times.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Financial+Times&rft.atitle=Global+alert+to+prepare+for+fresh+cyber+attacks&rft.date=2017-05-14&rft.aulast=Jones&rft.aufirst=Sam&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-103"><a href="#cite_ref-103">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMillarMarshallCardon2017" class="citation news cs1">Millar, Sheila A.; Marshall, Tracy P.; Cardon, Nathan A. (22 May 2017). <a rel="nofollow" class="external text" href="https://www.natlawreview.com/article/wannacry-are-your-security-tools-to-date">"WannaCry: Are Your Security Tools Up to Date?"</a>. The National Law Review. Keller and Heckman LLP. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170804173311/https://www.natlawreview.com/article/wannacry-are-your-security-tools-to-date">Archived</a> from the original on 4 August 2017. Retrieved 9 July 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+National+Law+Review&rft.atitle=WannaCry%3A+Are+Your+Security+Tools+Up+to+Date%3F&rft.date=2017-05-22&rft.aulast=Millar&rft.aufirst=Sheila+A.&rft.au=Marshall%2C+Tracy+P.&rft.au=Cardon%2C+Nathan+A.&rft_id=https%3A%2F%2Fwww.natlawreview.com%2Farticle%2Fwannacry-are-your-security-tools-to-date&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-104"><a href="#cite_ref-104">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.cbsnews.com/news/hospitals-across-britain-hit-by-ransomware-cyberattack/">"Global cyberattack strikes dozens of countries, cripples U.K. hospitals"</a>. CBS News. 12 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170513111012/http://www.cbsnews.com/news/hospitals-across-britain-hit-by-ransomware-cyberattack/">Archived</a> from the original on 13 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=CBS+News&rft.atitle=Global+cyberattack+strikes+dozens+of+countries%2C+cripples+U.K.+hospitals&rft.date=2017-05-12&rft_id=https%3A%2F%2Fwww.cbsnews.com%2Fnews%2Fhospitals-across-britain-hit-by-ransomware-cyberattack%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-14MaySunTim-105"><a href="#cite_ref-14MaySunTim_105-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFUngoed-ThomasHenryGadher2017" class="citation news cs1">Ungoed-Thomas, Jon; Henry, Robin; Gadher, Dipesh (14 May 2017). <a rel="nofollow" class="external text" href="https://www.thetimes.co.uk/article/cyber-attack-guides-promoted-on-youtube-972s0hh2c">"Cyber-attack guides promoted on YouTube"</a>. The Sunday Times. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170514091326/https://www.thetimes.co.uk/article/cyber-attack-guides-promoted-on-youtube-972s0hh2c">Archived</a> from the original on 14 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Sunday+Times&rft.atitle=Cyber-attack+guides+promoted+on+YouTube&rft.date=2017-05-14&rft.aulast=Ungoed-Thomas&rft.aufirst=Jon&rft.au=Henry%2C+Robin&rft.au=Gadher%2C+Dipesh&rft_id=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fcyber-attack-guides-promoted-on-youtube-972s0hh2c&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-BBC_news-106">^ <a href="#cite_ref-BBC_news_106-0">a</a> <a href="#cite_ref-BBC_news_106-1">b</a> <a href="#cite_ref-BBC_news_106-2">c</a> <a href="#cite_ref-BBC_news_106-3">d</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.bbc.co.uk/news/health-39899646">"NHS cyber-attack: GPs and hospitals hit by ransomware"</a>. BBC News. 12 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170512145026/http://www.bbc.co.uk/news/health-39899646">Archived</a> from the original on 12 May 2017. Retrieved 12 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=BBC+News&rft.atitle=NHS+cyber-attack%3A+GPs+and+hospitals+hit+by+ransomware&rft.date=2017-05-12&rft_id=https%3A%2F%2Fwww.bbc.co.uk%2Fnews%2Fhealth-39899646&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-global-cyber-attack-ransomware-nsa-uk-nhs-107">^ <a href="#cite_ref-global-cyber-attack-ransomware-nsa-uk-nhs_107-0">a</a> <a href="#cite_ref-global-cyber-attack-ransomware-nsa-uk-nhs_107-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFWongSolon2017" class="citation web cs1"><a href="/wiki/Julia_Carrie_Wong" title="Julia Carrie Wong">Wong, Julia Carrie</a>; Solon, Olivia (12 May 2017). <a rel="nofollow" class="external text" href="https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-nsa-uk-nhs">"Massive ransomware cyber-attack hits 74 countries around the world"</a>. <a href="/wiki/The_Guardian" title="The Guardian">The Guardian</a>. London. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170521030555/https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-nsa-uk-nhs">Archived</a> from the original on 21 May 2017. Retrieved 12 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Guardian&rft.atitle=Massive+ransomware+cyber-attack+hits+74+countries+around+the+world&rft.date=2017-05-12&rft.aulast=Wong&rft.aufirst=Julia+Carrie&rft.au=Solon%2C+Olivia&rft_id=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2017%2Fmay%2F12%2Fglobal-cyber-attack-ransomware-nsa-uk-nhs&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-108"><a href="#cite_ref-108">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFSmyth2018" class="citation news cs1">Smyth, Chris (18 April 2018). <a rel="nofollow" class="external text" href="https://www.thetimes.co.uk/article/every-hospital-tested-for-cybersecurity-has-failed-97vc6rqkq">"Every hospital tested for cybersecurity has failed"</a>. The Times. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/0140-0460">0140-0460</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180418032630/https://www.thetimes.co.uk/article/every-hospital-tested-for-cybersecurity-has-failed-97vc6rqkq">Archived</a> from the original on 18 April 2018. Retrieved 18 April 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Times&rft.atitle=Every+hospital+tested+for+cybersecurity+has+failed&rft.date=2018-04-18&rft.issn=0140-0460&rft.aulast=Smyth&rft.aufirst=Chris&rft_id=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fevery-hospital-tested-for-cybersecurity-has-failed-97vc6rqkq&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-109"><a href="#cite_ref-109">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://publications.parliament.uk/pa/cm201719/cmselect/cmpubacc/787/787.pdf">"Cyber-attack on the NHS"</a> (PDF). <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180421031123/https://publications.parliament.uk/pa/cm201719/cmselect/cmpubacc/787/787.pdf">Archived</a> (PDF) from the original on 21 April 2018. Retrieved 20 April 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Cyber-attack+on+the+NHS&rft_id=https%3A%2F%2Fpublications.parliament.uk%2Fpa%2Fcm201719%2Fcmselect%2Fcmpubacc%2F787%2F787.pdf&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-guardian-nhs-110">^ <a href="#cite_ref-guardian-nhs_110-0">a</a> <a href="#cite_ref-guardian-nhs_110-1">b</a> <a href="#cite_ref-guardian-nhs_110-2">c</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMarsh2017" class="citation web cs1">Marsh, Sarah (12 May 2017). <a rel="nofollow" class="external text" href="https://www.theguardian.com/society/2017/may/12/global-cyber-attack-nhs-trusts-malware">"The NHS trusts hit by malware – full list"</a>. <a href="/wiki/The_Guardian" title="The Guardian">The Guardian</a>. London. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170515202748/https://www.theguardian.com/society/2017/may/12/global-cyber-attack-nhs-trusts-malware">Archived</a> from the original on 15 May 2017. Retrieved 12 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Guardian&rft.atitle=The+NHS+trusts+hit+by+malware+%E2%80%93+full+list&rft.date=2017-05-12&rft.aulast=Marsh&rft.aufirst=Sarah&rft_id=https%3A%2F%2Fwww.theguardian.com%2Fsociety%2F2017%2Fmay%2F12%2Fglobal-cyber-attack-nhs-trusts-malware&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-111"><a href="#cite_ref-111">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFSharman2017" class="citation news cs1">Sharman, Jon (13 May 2017). <a rel="nofollow" class="external text" href="https://www.independent.co.uk/news/uk/home-news/nissan-sunderland-cyber-attack-ransomware-nhs-malware-wannacry-car-factory-a7733936.html">"Cyber-attack that crippled NHS systems hits Nissan car factory in Sunderland and Renault in France"</a>. The Independent. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516161329/http://www.independent.co.uk/news/uk/home-news/nissan-sunderland-cyber-attack-ransomware-nhs-malware-wannacry-car-factory-a7733936.html">Archived</a> from the original on 16 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Independent&rft.atitle=Cyber-attack+that+crippled+NHS+systems+hits+Nissan+car+factory+in+Sunderland+and+Renault+in+France&rft.date=2017-05-13&rft.aulast=Sharman&rft.aufirst=Jon&rft_id=https%3A%2F%2Fwww.independent.co.uk%2Fnews%2Fuk%2Fhome-news%2Fnissan-sunderland-cyber-attack-ransomware-nhs-malware-wannacry-car-factory-a7733936.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-112"><a href="#cite_ref-112">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFRosemainLe_GuernigouDavey2017" class="citation web cs1">Rosemain, Mathieu; Le Guernigou, Yann; Davey, James (13 May 2017). <a rel="nofollow" class="external text" href="https://www.mirror.co.uk/news/world-news/renault-stops-production-several-plants-10413994">"Renault stops production at several plants after ransomware cyber attack as Nissan also hacked"</a>. Daily Mirror. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170515173951/http://www.mirror.co.uk/news/world-news/renault-stops-production-several-plants-10413994">Archived</a> from the original on 15 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Daily+Mirror&rft.atitle=Renault+stops+production+at+several+plants+after+ransomware+cyber+attack+as+Nissan+also+hacked&rft.date=2017-05-13&rft.aulast=Rosemain&rft.aufirst=Mathieu&rft.au=Le+Guernigou%2C+Yann&rft.au=Davey%2C+James&rft_id=https%3A%2F%2Fwww.mirror.co.uk%2Fnews%2Fworld-news%2Frenault-stops-production-several-plants-10413994&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-cnn99countries-113">^ <a href="#cite_ref-cnn99countries_113-0">a</a> <a href="#cite_ref-cnn99countries_113-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFLarson2017" class="citation news cs1">Larson, Selena (12 May 2017). <a rel="nofollow" class="external text" href="https://money.cnn.com/2017/05/12/technology/ransomware-attack-nsa-microsoft/">"Massive ransomware attack hits 99 countries"</a>. <a href="/wiki/CNN" title="CNN">CNN</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170512203316/http://money.cnn.com/2017/05/12/technology/ransomware-attack-nsa-microsoft/">Archived</a> from the original on 12 May 2017. Retrieved 12 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Massive+ransomware+attack+hits+99+countries&rft.date=2017-05-12&rft.aulast=Larson&rft.aufirst=Selena&rft_id=https%3A%2F%2Fmoney.cnn.com%2F2017%2F05%2F12%2Ftechnology%2Fransomware-attack-nsa-microsoft%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-verge1-114"><a href="#cite_ref-verge1_114-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.theverge.com/2017/5/14/15637888/authorities-wannacry-ransomware-attack-spread-150-countries">"The WannaCry ransomware attack has spread to 150 countries"</a>. The Verge. 14 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170515121715/https://www.theverge.com/2017/5/14/15637888/authorities-wannacry-ransomware-attack-spread-150-countries">Archived</a> from the original on 15 May 2017. Retrieved 16 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Verge&rft.atitle=The+WannaCry+ransomware+attack+has+spread+to+150+countries&rft.date=2017-05-14&rft_id=https%3A%2F%2Fwww.theverge.com%2F2017%2F5%2F14%2F15637888%2Fauthorities-wannacry-ransomware-attack-spread-150-countries&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-115"><a href="#cite_ref-115">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFHernGibbs2017" class="citation news cs1">Hern, Alex; Gibbs, Samuel (12 May 2017). <a rel="nofollow" class="external text" href="https://www.theguardian.com/technology/2017/may/12/nhs-ransomware-cyber-attack-what-is-wanacrypt0r-20">"What is 'WanaCrypt0r 2.0' ransomware and why is it attacking the NHS?"</a>. <a href="/wiki/The_Guardian" title="The Guardian">The Guardian</a>. London. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a> <a rel="nofollow" class="external text" href="https://search.worldcat.org/issn/0261-3077">0261-3077</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170512164110/https://www.theguardian.com/technology/2017/may/12/nhs-ransomware-cyber-attack-what-is-wanacrypt0r-20">Archived</a> from the original on 12 May 2017. Retrieved 12 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Guardian&rft.atitle=What+is+%27WanaCrypt0r+2.0%27+ransomware+and+why+is+it+attacking+the+NHS%3F&rft.date=2017-05-12&rft.issn=0261-3077&rft.aulast=Hern&rft.aufirst=Alex&rft.au=Gibbs%2C+Samuel&rft_id=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2017%2Fmay%2F12%2Fnhs-ransomware-cyber-attack-what-is-wanacrypt0r-20&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-chica1-116"><a href="#cite_ref-chica1_116-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.chicagotribune.com/news/nationworld/ct-nsa-cyberattacks-20170513-story.html">"Lucky break slows global cyberattack; what's coming could be worse"</a>. <a href="/wiki/Chicago_Tribune" title="Chicago Tribune">Chicago Tribune</a>. 14 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170514034320/http://www.chicagotribune.com/news/nationworld/ct-nsa-cyberattacks-20170513-story.html">Archived</a> from the original on 14 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Chicago+Tribune&rft.atitle=Lucky+break+slows+global+cyberattack%3B+what%27s+coming+could+be+worse&rft.date=2017-05-14&rft_id=https%3A%2F%2Fwww.chicagotribune.com%2Fnews%2Fnationworld%2Fct-nsa-cyberattacks-20170513-story.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-guard1-117">^ <a href="#cite_ref-guard1_117-0">a</a> <a href="#cite_ref-guard1_117-1">b</a> <a href="#cite_ref-guard1_117-2">c</a> <a href="#cite_ref-guard1_117-3">d</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFHelmore2017" class="citation web cs1">Helmore, Edward (13 May 2017). <a rel="nofollow" class="external text" href="https://www.theguardian.com/technology/2017/may/13/ransomware-cyber-attack-us-intelligence">"Ransomware attack reveals breakdown in US intelligence protocols, expert says"</a>. The Guardian. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210604030648/https://www.theguardian.com/technology/2017/may/13/ransomware-cyber-attack-us-intelligence">Archived</a> from the original on 4 June 2021. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Guardian&rft.atitle=Ransomware+attack+reveals+breakdown+in+US+intelligence+protocols%2C+expert+says&rft.date=2017-05-13&rft.aulast=Helmore&rft.aufirst=Edward&rft_id=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2017%2Fmay%2F13%2Fransomware-cyber-attack-us-intelligence&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-118"><a href="#cite_ref-118">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516182233/http://www.startribune.com/the-latest-turkey-among-countries-hit-in-cyberattack/422161813/">"The Latest: Researcher who helped halt cyberattack applauded"</a>. <a href="/wiki/Star_Tribune" class="mw-redirect" title="Star Tribune">Star Tribune</a>. Archived from <a rel="nofollow" class="external text" href="http://www.startribune.com/the-latest-turkey-among-countries-hit-in-cyberattack/422161813/">the original</a> on 16 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Star+Tribune&rft.atitle=The+Latest%3A+Researcher+who+helped+halt+cyberattack+applauded&rft_id=http%3A%2F%2Fwww.startribune.com%2Fthe-latest-turkey-among-countries-hit-in-cyberattack%2F422161813%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-119"><a href="#cite_ref-119">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516222402/https://www.washingtonpost.com/world/europe/uk-working-to-restore-hospital-systems-after-cyberattack/2017/05/13/472ef544-37c1-11e7-ab03-aa29f656f13e_story.html">"Global 'WannaCry' ransomware cyberattack seeks cash for data"</a>. Washington Post. Archived from <a rel="nofollow" class="external text" href="https://www.washingtonpost.com/world/europe/uk-working-to-restore-hospital-systems-after-cyberattack/2017/05/13/472ef544-37c1-11e7-ab03-aa29f656f13e_story.html">the original</a> on 16 May 2017. Retrieved 16 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Washington+Post&rft.atitle=Global+%27WannaCry%27+ransomware+cyberattack+seeks+cash+for+data&rft_id=https%3A%2F%2Fwww.washingtonpost.com%2Fworld%2Feurope%2Fuk-working-to-restore-hospital-systems-after-cyberattack%2F2017%2F05%2F13%2F472ef544-37c1-11e7-ab03-aa29f656f13e_story.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-120"><a href="#cite_ref-120">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.cbsnews.com/news/wannacry-ransomware-attacks-wannacry-virus-losses/">""WannaCry" ransomware attack losses could reach $4 billion"</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170614105447/http://www.cbsnews.com/news/wannacry-ransomware-attacks-wannacry-virus-losses/">Archived</a> from the original on 14 June 2017. Retrieved 14 June 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=%22WannaCry%22+ransomware+attack+losses+could+reach+%244+billion&rft_id=https%3A%2F%2Fwww.cbsnews.com%2Fnews%2Fwannacry-ransomware-attacks-wannacry-virus-losses%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-121"><a href="#cite_ref-121">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://timesofindia.indiatimes.com/india/andhra-police-computers-hit-by-cyberattack/articleshow/58658853.cms">"Andhra police computers hit by cyberattack"</a>. The Times of India. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170514091323/http://timesofindia.indiatimes.com/india/andhra-police-computers-hit-by-cyberattack/articleshow/58658853.cms">Archived</a> from the original on 14 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Times+of+India&rft.atitle=Andhra+police+computers+hit+by+cyberattack&rft.date=2017-05-13&rft_id=http%3A%2F%2Ftimesofindia.indiatimes.com%2Findia%2Fandhra-police-computers-hit-by-cyberattack%2Farticleshow%2F58658853.cms&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-122"><a href="#cite_ref-122">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="http://www.protothema.gr/greece/article/679082/hakaran-kai-to-apth-stin-pagosmia-kuvernoepithesi/">""Χάκαραν" και το ΑΠΘ στην παγκόσμια κυβερνοεπίθεση!"</a>. <a href="/wiki/Proto_Thema" title="Proto Thema">Proto Thema</a> (in Greek). 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170517035952/http://www.protothema.gr/greece/article/679082/hakaran-kai-to-apth-stin-pagosmia-kuvernoepithesi/">Archived</a> from the original on 17 May 2017. Retrieved 18 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Proto+Thema&rft.atitle=%22%CE%A7%CE%AC%CE%BA%CE%B1%CF%81%CE%B1%CE%BD%22+%CE%BA%CE%B1%CE%B9+%CF%84%CE%BF+%CE%91%CE%A0%CE%98+%CF%83%CF%84%CE%B7%CE%BD+%CF%80%CE%B1%CE%B3%CE%BA%CF%8C%CF%83%CE%BC%CE%B9%CE%B1+%CE%BA%CF%85%CE%B2%CE%B5%CF%81%CE%BD%CE%BF%CE%B5%CF%80%CE%AF%CE%B8%CE%B5%CF%83%CE%B7%21&rft.date=2017-05-13&rft_id=http%3A%2F%2Fwww.protothema.gr%2Fgreece%2Farticle%2F679082%2Fhakaran-kai-to-apth-stin-pagosmia-kuvernoepithesi%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-123"><a href="#cite_ref-123">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="https://www.newsit.gr/topikes-eidhseis/thessaloniki-stoxos-tis-pagkosmias-kyvernoepithesis-to-aristoteleio-synagermos-gia-ton-isxyro-io/1027391/">"Θεσσαλονίκη: Στόχος της παγκόσμιας κυβερνοεπίθεσης το Αριστοτέλειο – Συναγερμός για τον ισχυρό ιό!"</a>. <a href="/w/index.php?title=NewsIT&action=edit&redlink=1" class="new" title="NewsIT (page does not exist)">NewsIT</a> (in Greek). 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20200901082223/https://www.newsit.gr/topikes-eidhseis/thessaloniki-stoxos-tis-pagkosmias-kyvernoepithesis-to-aristoteleio-synagermos-gia-ton-isxyro-io/1027391/">Archived</a> from the original on 1 September 2020. Retrieved 28 September 2020.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=NewsIT&rft.atitle=%CE%98%CE%B5%CF%83%CF%83%CE%B1%CE%BB%CE%BF%CE%BD%CE%AF%CE%BA%CE%B7%3A+%CE%A3%CF%84%CF%8C%CF%87%CE%BF%CF%82+%CF%84%CE%B7%CF%82+%CF%80%CE%B1%CE%B3%CE%BA%CF%8C%CF%83%CE%BC%CE%B9%CE%B1%CF%82+%CE%BA%CF%85%CE%B2%CE%B5%CF%81%CE%BD%CE%BF%CE%B5%CF%80%CE%AF%CE%B8%CE%B5%CF%83%CE%B7%CF%82+%CF%84%CE%BF+%CE%91%CF%81%CE%B9%CF%83%CF%84%CE%BF%CF%84%CE%AD%CE%BB%CE%B5%CE%B9%CE%BF+%E2%80%93+%CE%A3%CF%85%CE%BD%CE%B1%CE%B3%CE%B5%CF%81%CE%BC%CF%8C%CF%82+%CE%B3%CE%B9%CE%B1+%CF%84%CE%BF%CE%BD+%CE%B9%CF%83%CF%87%CF%85%CF%81%CF%8C+%CE%B9%CF%8C%21&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.newsit.gr%2Ftopikes-eidhseis%2Fthessaloniki-stoxos-tis-pagkosmias-kyvernoepithesis-to-aristoteleio-synagermos-gia-ton-isxyro-io%2F1027391%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-124"><a href="#cite_ref-124">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="http://stirileprotv.ro/stiri/actualitate/atacul-informatic-global-ar-fi-afectat-si-uzina-dacia-de-la-mioveni-reactia-ministrului-comunicatiilor-augustin-jianu.html">"Atacul cibernetic global a afectat și Uzina Dacia de la Mioveni. Renault a anunțat că a oprit producția și în Franța"</a>. Pro TV (in Romanian). 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516233847/http://stirileprotv.ro/stiri/actualitate/atacul-informatic-global-ar-fi-afectat-si-uzina-dacia-de-la-mioveni-reactia-ministrului-comunicatiilor-augustin-jianu.html">Archived</a> from the original on 16 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Pro+TV&rft.atitle=Atacul+cibernetic+global+a+afectat+%C8%99i+Uzina+Dacia+de+la+Mioveni.+Renault+a+anun%C8%9Bat+c%C4%83+a+oprit+produc%C8%9Bia+%C8%99i+%C3%AEn+Fran%C8%9Ba&rft.date=2017-05-13&rft_id=http%3A%2F%2Fstirileprotv.ro%2Fstiri%2Factualitate%2Fatacul-informatic-global-ar-fi-afectat-si-uzina-dacia-de-la-mioveni-reactia-ministrului-comunicatiilor-augustin-jianu.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-125"><a href="#cite_ref-125">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.theverge.com/2018/3/28/17174540/boeing-wannacry-ransomware-attack-production-plant-charleston-south-carolina">"Boeing production plant hit with WannaCry ransomware attack"</a>. <a href="/wiki/Theverge.com" class="mw-redirect" title="Theverge.com">theverge.com</a>. 28 March 2018. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180329015400/https://www.theverge.com/2018/3/28/17174540/boeing-wannacry-ransomware-attack-production-plant-charleston-south-carolina">Archived</a> from the original on 29 March 2018. Retrieved 29 March 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=theverge.com&rft.atitle=Boeing+production+plant+hit+with+WannaCry+ransomware+attack&rft.date=2018-03-28&rft_id=https%3A%2F%2Fwww.theverge.com%2F2018%2F3%2F28%2F17174540%2Fboeing-wannacry-ransomware-attack-production-plant-charleston-south-carolina&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-126"><a href="#cite_ref-126">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="http://www.cbc.ca/news/canada/sudbury/cambrian-college-ransomware-hack-1.4093634">"Hackers demand $54K in Cambrian College ransomware attack"</a>. <a href="/wiki/CBC.ca" title="CBC.ca">CBC.ca</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170510213726/http://www.cbc.ca/news/canada/sudbury/cambrian-college-ransomware-hack-1.4093634">Archived</a> from the original on 10 May 2017. Retrieved 16 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=CBC.ca&rft.atitle=Hackers+demand+%2454K+in+Cambrian+College+ransomware+attack&rft_id=http%3A%2F%2Fwww.cbc.ca%2Fnews%2Fcanada%2Fsudbury%2Fcambrian-college-ransomware-hack-1.4093634&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-scmp-127">^ <a href="#cite_ref-scmp_127-0">a</a> <a href="#cite_ref-scmp_127-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFMimi_Lau2017" class="citation news cs1">Mimi Lau (14 May 2017). <a rel="nofollow" class="external text" href="http://www.scmp.com/news/china/society/article/2094291/chinese-police-and-petrol-stations-hit-ransomware-attack">"Chinese police and petrol stations hit by ransomware attack"</a>. South China Morning Post. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170515115538/http://www.scmp.com/news/china/society/article/2094291/chinese-police-and-petrol-stations-hit-ransomware-attack">Archived</a> from the original on 15 May 2017. Retrieved 15 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=South+China+Morning+Post&rft.atitle=Chinese+police+and+petrol+stations+hit+by+ransomware+attack&rft.date=2017-05-14&rft.au=Mimi+Lau&rft_id=http%3A%2F%2Fwww.scmp.com%2Fnews%2Fchina%2Fsociety%2Farticle%2F2094291%2Fchinese-police-and-petrol-stations-hit-ransomware-attack&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-128"><a href="#cite_ref-128">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="http://www.koreaherald.com/view.php?ud=20170515000574">"Korean gov't computers safe from WannaCry attack"</a>. <a href="/wiki/The_Korea_Herald" title="The Korea Herald">The Korea Herald</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170515040240/http://www.koreaherald.com/view.php?ud=20170515000574">Archived</a> from the original on 15 May 2017. Retrieved 15 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Korea+Herald&rft.atitle=Korean+gov%27t+computers+safe+from+WannaCry+attack&rft_id=http%3A%2F%2Fwww.koreaherald.com%2Fview.php%3Fud%3D20170515000574&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-Cina-129">^ <a href="#cite_ref-Cina_129-0">a</a> <a href="#cite_ref-Cina_129-1">b</a> <a href="#cite_ref-Cina_129-2">c</a> <a href="#cite_ref-Cina_129-3">d</a> <a href="#cite_ref-Cina_129-4">e</a> <a href="#cite_ref-Cina_129-5">f</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://news.163.com/17/0514/08/CKCOOATU000187VI.html">"一夜之间勒索病毒"永恒之蓝"席卷国内近3万机构被攻陷全球超十万台电脑"中毒"江苏等十省市受害最严重"</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170519005000/http://news.163.com/17/0514/08/CKCOOATU000187VI.html">Archived</a> from the original on 19 May 2017. Retrieved 27 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=%E4%B8%80%E5%A4%9C%E4%B9%8B%E9%97%B4+%E5%8B%92%E7%B4%A2%E7%97%85%E6%AF%92%22%E6%B0%B8%E6%81%92%E4%B9%8B%E8%93%9D%22%E5%B8%AD%E5%8D%B7+%E5%9B%BD%E5%86%85%E8%BF%913%E4%B8%87%E6%9C%BA%E6%9E%84%E8%A2%AB%E6%94%BB%E9%99%B7+%E5%85%A8%E7%90%83+%E8%B6%85%E5%8D%81%E4%B8%87%E5%8F%B0%E7%94%B5%E8%84%91%22%E4%B8%AD%E6%AF%92%22%E6%B1%9F%E8%8B%8F%E7%AD%89%E5%8D%81%E7%9C%81%E5%B8%82%E5%8F%97%E5%AE%B3%E6%9C%80%E4%B8%A5%E9%87%8D&rft_id=http%3A%2F%2Fnews.163.com%2F17%2F0514%2F08%2FCKCOOATU000187VI.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-130"><a href="#cite_ref-130">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="https://www.faz.net/aktuell/wirtschaft/unternehmen/hacker-angriff-weltweite-cyberattacke-trifft-computer-der-deutschen-bahn-15013583.html">"Weltweite Cyberattacke trifft Computer der Deutschen Bahn"</a>. <a href="/wiki/Frankfurter_Allgemeine_Zeitung" title="Frankfurter Allgemeine Zeitung">Frankfurter Allgemeine Zeitung</a> (in German). 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170513043803/http://www.faz.net/aktuell/wirtschaft/unternehmen/hacker-angriff-weltweite-cyberattacke-trifft-computer-der-deutschen-bahn-15013583.html">Archived</a> from the original on 13 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Frankfurter+Allgemeine+Zeitung&rft.atitle=Weltweite+Cyberattacke+trifft+Computer+der+Deutschen+Bahn&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.faz.net%2Faktuell%2Fwirtschaft%2Funternehmen%2Fhacker-angriff-weltweite-cyberattacke-trifft-computer-der-deutschen-bahn-15013583.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-misc-131">^ <a href="#cite_ref-misc_131-0">a</a> <a href="#cite_ref-misc_131-1">b</a> <a href="#cite_ref-misc_131-2">c</a> <a href="#cite_ref-misc_131-3">d</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="https://www.straitstimes.com/world/organisations-hit-by-global-cyberattack">"Global cyber attack: A look at some prominent victims"</a> (in Spanish). elperiodico.com. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170520175955/http://www.straitstimes.com/world/organisations-hit-by-global-cyberattack">Archived</a> from the original on 20 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Global+cyber+attack%3A+A+look+at+some+prominent+victims&rft.pub=elperiodico.com&rft.date=2017-05-13&rft_id=http%3A%2F%2Fwww.straitstimes.com%2Fworld%2Forganisations-hit-by-global-cyberattack&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-nitra-132"><a href="#cite_ref-nitra_132-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="https://www.etrend.sk/ekonomika/hackersky-utok-zasiahol-aj-fakultnu-nemocnicu-v-nitre.html">"Hackerský útok zasiahol aj Fakultnú nemocnicu v Nitre"</a>. etrend.sk (in Slovak). 15 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516202436/https://www.etrend.sk/ekonomika/hackersky-utok-zasiahol-aj-fakultnu-nemocnicu-v-nitre.html">Archived</a> from the original on 16 May 2017. Retrieved 15 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=etrend.sk&rft.atitle=Hackersk%C3%BD+%C3%BAtok+zasiahol+aj+Fakultn%C3%BA+nemocnicu+v+Nitre&rft.date=2017-05-15&rft_id=https%3A%2F%2Fwww.etrend.sk%2Fekonomika%2Fhackersky-utok-zasiahol-aj-fakultnu-nemocnicu-v-nitre.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-133"><a href="#cite_ref-133">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.ft.com/content/af74e3f4-373d-11e7-99bd-13beb0903fa3">"What is Wannacry and how can it be stopped?"</a>. <a href="/wiki/Financial_Times" title="Financial Times">Financial Times</a>. 12 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170521063906/https://www.ft.com/content/af74e3f4-373d-11e7-99bd-13beb0903fa3">Archived</a> from the original on 21 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Financial+Times&rft.atitle=What+is+Wannacry+and+how+can+it+be+stopped%3F&rft.date=2017-05-12&rft_id=https%3A%2F%2Fwww.ft.com%2Fcontent%2Faf74e3f4-373d-11e7-99bd-13beb0903fa3&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-134"><a href="#cite_ref-134">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="https://www.blognone.com/node/92406">"เซิร์ฟเวอร์เกม Blade & Soul ของ Garena ประเทศไทยถูก WannaCrypt โจมตี"</a> (in Thai). blognone.com. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210604030648/https://www.blognone.com/node/92406">Archived</a> from the original on 4 June 2021. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=%E0%B9%80%E0%B8%8B%E0%B8%B4%E0%B8%A3%E0%B9%8C%E0%B8%9F%E0%B9%80%E0%B8%A7%E0%B8%AD%E0%B8%A3%E0%B9%8C%E0%B9%80%E0%B8%81%E0%B8%A1+Blade+%26+Soul+%E0%B8%82%E0%B8%AD%E0%B8%87+Garena+%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B9%80%E0%B8%97%E0%B8%A8%E0%B9%84%E0%B8%97%E0%B8%A2%E0%B8%96%E0%B8%B9%E0%B8%81+WannaCrypt+%E0%B9%82%E0%B8%88%E0%B8%A1%E0%B8%95%E0%B8%B5&rft.pub=blognone.com&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.blognone.com%2Fnode%2F92406&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-135"><a href="#cite_ref-135">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="http://www.nikkei.com/article/DGXLASFL15HC6_V10C17A5000000">"日立、社内システムの一部に障害サイバー攻撃の影響か"</a>. 日本経済新聞 (in Japanese). 15 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516170219/http://www.nikkei.com/article/DGXLASFL15HC6_V10C17A5000000/">Archived</a> from the original on 16 May 2017. Retrieved 21 June 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=%E6%97%A5%E6%9C%AC%E7%B5%8C%E6%B8%88%E6%96%B0%E8%81%9E&rft.atitle=%E6%97%A5%E7%AB%8B%E3%80%81%E7%A4%BE%E5%86%85%E3%82%B7%E3%82%B9%E3%83%86%E3%83%A0%E3%81%AE%E4%B8%80%E9%83%A8%E3%81%AB%E9%9A%9C%E5%AE%B3+%E3%82%B5%E3%82%A4%E3%83%90%E3%83%BC%E6%94%BB%E6%92%83%E3%81%AE%E5%BD%B1%E9%9F%BF%E3%81%8B&rft.date=2017-05-15&rft_id=http%3A%2F%2Fwww.nikkei.com%2Farticle%2FDGXLASFL15HC6_V10C17A5000000&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-136"><a href="#cite_ref-136">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.reuters.com/article/us-honda-cyberattack-idUSKBN19C0EI">"Honda halts Japan car plant after WannaCry virus hits computer network"</a>. Reuters. 21 June 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170621063542/http://www.reuters.com/article/us-honda-cyberattack-idUSKBN19C0EI">Archived</a> from the original on 21 June 2017. Retrieved 21 June 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Reuters&rft.atitle=Honda+halts+Japan+car+plant+after+WannaCry+virus+hits+computer+network&rft.date=2017-06-21&rft_id=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-honda-cyberattack-idUSKBN19C0EI&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-137"><a href="#cite_ref-137">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="http://www.eltiempo.com/tecnosfera/novedades-tecnologia/alerta-por-cibertaque-que-golpeo-a-74-paises-87602">"Instituto Nacional de Salud, entre víctimas de ciberataque mundial"</a>. El Tiempo (in Spanish). 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516213223/http://www.eltiempo.com/tecnosfera/novedades-tecnologia/alerta-por-cibertaque-que-golpeo-a-74-paises-87602">Archived</a> from the original on 16 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=El+Tiempo&rft.atitle=Instituto+Nacional+de+Salud%2C+entre+v%C3%ADctimas+de+ciberataque+mundial&rft.date=2017-05-13&rft_id=http%3A%2F%2Fwww.eltiempo.com%2Ftecnosfera%2Fnovedades-tecnologia%2Falerta-por-cibertaque-que-golpeo-a-74-paises-87602&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-138"><a href="#cite_ref-138">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.thestar.com/news/canada/2017/05/13/ontario-health-ministry-on-high-alert-amid-global-cyberattack.html">"Ontario health ministry on high alert amid global cyberattack"</a>. Toronto Star. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20210604030650/https://www.thestar.com/news/canada/2017/05/13/ontario-health-ministry-on-high-alert-amid-global-cyberattack.html">Archived</a> from the original on 4 June 2021. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Toronto+Star&rft.atitle=Ontario+health+ministry+on+high+alert+amid+global+cyberattack&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2017%2F05%2F13%2Fontario-health-ministry-on-high-alert-amid-global-cyberattack.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-139"><a href="#cite_ref-139">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://www.nu.nl/internet/4706262/laks-tweede-nederlandse-slachtoffer-ransomware-wannacry.html">"Laks second Dutch victim of WannaCry"</a>. Nu.nl. 19 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170519113442/http://www.nu.nl/internet/4706262/laks-tweede-nederlandse-slachtoffer-ransomware-wannacry.html">Archived</a> from the original on 19 May 2017. Retrieved 20 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Nu.nl&rft.atitle=Laks+second+Dutch+victim+of+WannaCry&rft.date=2017-05-19&rft_id=http%3A%2F%2Fwww.nu.nl%2Finternet%2F4706262%2Flaks-tweede-nederlandse-slachtoffer-ransomware-wannacry.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-140"><a href="#cite_ref-140">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.fayerwayer.com/2017/05/latam-airlines-tambien-estaria-comprometida-en-ataque-ransomware/">"LATAM Airlines también está alerta por ataque informático"</a>. <a href="/w/index.php?title=Fayerwayer&action=edit&redlink=1" class="new" title="Fayerwayer (page does not exist)">Fayerwayer</a>. 12 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170512215628/https://www.fayerwayer.com/2017/05/latam-airlines-tambien-estaria-comprometida-en-ataque-ransomware/">Archived</a> from the original on 12 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=LATAM+Airlines+tambi%C3%A9n+est%C3%A1+alerta+por+ataque+inform%C3%A1tico&rft.pub=Fayerwayer&rft.date=2017-05-12&rft_id=https%3A%2F%2Fwww.fayerwayer.com%2F2017%2F05%2Flatam-airlines-tambien-estaria-comprometida-en-ataque-ransomware%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-141"><a href="#cite_ref-141">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://www.news.com.au/technology/online/hacking/massive-cyber-attack-creates-chaos-around-the-world/news-story/b248da44b753489a3f207dfee2ce78a9">"Massive cyber attack creates chaos around the world"</a>. news.com.au. 12 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170519084530/http://www.news.com.au/technology/online/hacking/massive-cyber-attack-creates-chaos-around-the-world/news-story/b248da44b753489a3f207dfee2ce78a9">Archived</a> from the original on 19 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Massive+cyber+attack+creates+chaos+around+the+world&rft.pub=news.com.au&rft.date=2017-05-12&rft_id=http%3A%2F%2Fwww.news.com.au%2Ftechnology%2Fonline%2Fhacking%2Fmassive-cyber-attack-creates-chaos-around-the-world%2Fnews-story%2Fb248da44b753489a3f207dfee2ce78a9&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-142"><a href="#cite_ref-142">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://abcnews.go.com/International/researcher-accidentally-stops-spread-unprecedented-global-cyberattack/story?id=47390745">"Researcher 'accidentally' stops spread of unprecedented global cyberattack"</a>. <a href="/wiki/ABC_News_(United_States)" title="ABC News (United States)">ABC News</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170514014004/http://abcnews.go.com/International/researcher-accidentally-stops-spread-unprecedented-global-cyberattack/story?id=47390745">Archived</a> from the original on 14 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=ABC+News&rft.atitle=Researcher+%27accidentally%27+stops+spread+of+unprecedented+global+cyberattack&rft_id=https%3A%2F%2Fabcnews.go.com%2FInternational%2Fresearcher-accidentally-stops-spread-unprecedented-global-cyberattack%2Fstory%3Fid%3D47390745&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-uk-143">^ <a href="#cite_ref-uk_143-0">a</a> <a href="#cite_ref-uk_143-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.independent.co.uk/news/uk/home-news/nissan-sunderland-cyber-attack-ransomware-nhs-malware-wannacry-car-factory-a7733936.html">"Cyber-attack that crippled NHS systems hits Nissan car factory in Sunderland and Renault in France"</a>. The Independent. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516161329/http://www.independent.co.uk/news/uk/home-news/nissan-sunderland-cyber-attack-ransomware-nhs-malware-wannacry-car-factory-a7733936.html">Archived</a> from the original on 16 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Independent&rft.atitle=Cyber-attack+that+crippled+NHS+systems+hits+Nissan+car+factory+in+Sunderland+and+Renault+in+France&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.independent.co.uk%2Fnews%2Fuk%2Fhome-news%2Fnissan-sunderland-cyber-attack-ransomware-nhs-malware-wannacry-car-factory-a7733936.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-144"><a href="#cite_ref-144">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="http://www.focus.de/digital/es-ist-ein-technischer-fehler-aufgetreten-nutzer-koennen-twitter-nicht-aufrufen_id_7156840.html">"Nach Attacke mit Trojaner WannaCry: Kundensystem bei O2 ausgefallen"</a> (in German). FOCUS Online. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170523015231/http://www.focus.de/digital/es-ist-ein-technischer-fehler-aufgetreten-nutzer-koennen-twitter-nicht-aufrufen_id_7156840.html">Archived</a> from the original on 23 May 2017. Retrieved 20 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Nach+Attacke+mit+Trojaner+WannaCry%3A+Kundensystem+bei+O2+ausgefallen&rft.pub=FOCUS+Online&rft_id=http%3A%2F%2Fwww.focus.de%2Fdigital%2Fes-ist-ein-technischer-fehler-aufgetreten-nutzer-koennen-twitter-nicht-aufrufen_id_7156840.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-145"><a href="#cite_ref-145">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="http://www.haz.de/Nachrichten/Wirtschaft/Deutschland-Welt/WannaCry-Kundendienst-von-O2-ausgefallen">"Erhebliche Störungen – WannaCry: Kundendienst von O2 ausgefallen – HAZ – Hannoversche Allgemeine"</a> (in German). Hannoversche Allgemeine Zeitung. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170519163947/http://www.haz.de/Nachrichten/Wirtschaft/Deutschland-Welt/WannaCry-Kundendienst-von-O2-ausgefallen">Archived</a> from the original on 19 May 2017. Retrieved 20 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Erhebliche+St%C3%B6rungen+%E2%80%93+WannaCry%3A+Kundendienst+von+O2+ausgefallen+%E2%80%93+HAZ+%E2%80%93+Hannoversche+Allgemeine&rft.pub=Hannoversche+Allgemeine+Zeitung&rft_id=http%3A%2F%2Fwww.haz.de%2FNachrichten%2FWirtschaft%2FDeutschland-Welt%2FWannaCry-Kundendienst-von-O2-ausgefallen&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-auto1-146">^ <a href="#cite_ref-auto1_146-0">a</a> <a href="#cite_ref-auto1_146-1">b</a> <a href="#cite_ref-auto1_146-2">c</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="http://www.opovo.com.br/jornal/economia/2017/05/wannacry-no-brasil-e-no-mundo.html">"WannaCry no Brasil e no mundo"</a>. O Povo (in Portuguese). 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170521154953/http://www.opovo.com.br/jornal/economia/2017/05/wannacry-no-brasil-e-no-mundo.html">Archived</a> from the original on 21 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=O+Povo&rft.atitle=WannaCry+no+Brasil+e+no+mundo&rft.date=2017-05-13&rft_id=http%3A%2F%2Fwww.opovo.com.br%2Fjornal%2Feconomia%2F2017%2F05%2Fwannacry-no-brasil-e-no-mundo.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-147"><a href="#cite_ref-147">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="http://observador.pt/2017/05/12/portugal-telecom-alvo-de-ataque-informatico-internacional/">"PT Portugal alvo de ataque informático internacional"</a>. Observador (in Portuguese). 12 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170512164507/http://observador.pt/2017/05/12/portugal-telecom-alvo-de-ataque-informatico-internacional/">Archived</a> from the original on 12 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Observador&rft.atitle=PT+Portugal+alvo+de+ataque+inform%C3%A1tico+internacional&rft.date=2017-05-12&rft_id=http%3A%2F%2Fobservador.pt%2F2017%2F05%2F12%2Fportugal-telecom-alvo-de-ataque-informatico-internacional%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-148"><a href="#cite_ref-148">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.radioinfo.com.au/news/ransomware-infects-narrowcast-radio-station/">"Ransomware infects narrowcast radio station"</a>. RadioInfo. 15 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171001031029/https://www.radioinfo.com.au/news/ransomware-infects-narrowcast-radio-station">Archived</a> from the original on 1 October 2017. Retrieved 30 September 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=RadioInfo&rft.atitle=Ransomware+infects+narrowcast+radio+station&rft.date=2017-05-15&rft_id=https%3A%2F%2Fwww.radioinfo.com.au%2Fnews%2Fransomware-infects-narrowcast-radio-station%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-149"><a href="#cite_ref-149">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="http://www.nu.nl/internet/4691349/parkeerbedrijf-q-park-getroffen-ransomware-aanval.html">"Parkeerbedrijf Q-Park getroffen door ransomware-aanval"</a>. Nu.nl (in Dutch). 13 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Nu.nl&rft.atitle=Parkeerbedrijf+Q-Park+getroffen+door+ransomware-aanval&rft.date=2017-05-13&rft_id=http%3A%2F%2Fwww.nu.nl%2Finternet%2F4691349%2Fparkeerbedrijf-q-park-getroffen-ransomware-aanval.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-150"><a href="#cite_ref-150">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="http://www.france24.com/en/20170512-cyberattack-ransomware-renault-worldwide-british-hospitals">"France's Renault hit in worldwide 'ransomware' cyber attack"</a> (in Spanish). France 24. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170521014056/http://www.france24.com/en/20170512-cyberattack-ransomware-renault-worldwide-british-hospitals">Archived</a> from the original on 21 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=France%27s+Renault+hit+in+worldwide+%27ransomware%27+cyber+attack&rft.pub=France+24&rft.date=2017-05-13&rft_id=http%3A%2F%2Fwww.france24.com%2Fen%2F20170512-cyberattack-ransomware-renault-worldwide-british-hospitals&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-151"><a href="#cite_ref-151">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.svoboda.org/a/28483898.html">"Компьютеры РЖД подверглись хакерской атаке и заражены вирусом"</a>. Радио Свобода. <a href="/wiki/Radio_Free_Europe/Radio_Liberty" title="Radio Free Europe/Radio Liberty">Radio Free Europe/Radio Liberty</a>. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516185526/http://www.svoboda.org/a/28483898.html">Archived</a> from the original on 16 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE+%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&rft.atitle=%D0%9A%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D1%8B+%D0%A0%D0%96%D0%94+%D0%BF%D0%BE%D0%B4%D0%B2%D0%B5%D1%80%D0%B3%D0%BB%D0%B8%D1%81%D1%8C+%D1%85%D0%B0%D0%BA%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B9+%D0%B0%D1%82%D0%B0%D0%BA%D0%B5+%D0%B8+%D0%B7%D0%B0%D1%80%D0%B0%D0%B6%D0%B5%D0%BD%D1%8B+%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.svoboda.org%2Fa%2F28483898.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-vidal-152">^ <a href="#cite_ref-vidal_152-0">a</a> <a href="#cite_ref-vidal_152-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFVidal_Liy2017" class="citation news cs1 cs1-prop-foreign-lang-source">Vidal Liy, Macarena (15 May 2017). <a rel="nofollow" class="external text" href="http://internacional.elpais.com/internacional/2017/05/15/actualidad/1494855826_022843.html">"Putin culpa a los servicios secretos de EE UU por el virus 'WannaCry' que desencadenó el ciberataque mundial"</a>. El País (in Spanish). <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516073023/http://internacional.elpais.com/internacional/2017/05/15/actualidad/1494855826_022843.html">Archived</a> from the original on 16 May 2017. Retrieved 16 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=El+Pa%C3%ADs&rft.atitle=Putin+culpa+a+los+servicios+secretos+de+EE+UU+por+el+virus+%27WannaCry%27+que+desencaden%C3%B3+el+ciberataque+mundial&rft.date=2017-05-15&rft.aulast=Vidal+Liy&rft.aufirst=Macarena&rft_id=http%3A%2F%2Finternacional.elpais.com%2Finternacional%2F2017%2F05%2F15%2Factualidad%2F1494855826_022843.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-auto2-153">^ <a href="#cite_ref-auto2_153-0">a</a> <a href="#cite_ref-auto2_153-1">b</a> <a href="#cite_ref-auto2_153-2">c</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="http://www.ndtv.com/india-news/ransomware-wannacry-surfaces-in-kerala-bengal-10-facts-1693806">"Ransomware WannaCry Surfaces In Kerala, Bengal: 10 Facts"</a>. New Delhi Television Limited (NDTV). <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516042550/http://www.ndtv.com/india-news/ransomware-wannacry-surfaces-in-kerala-bengal-10-facts-1693806">Archived</a> from the original on 16 May 2017. Retrieved 15 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=New+Delhi+Television+Limited+%28NDTV%29&rft.atitle=Ransomware+WannaCry+Surfaces+In+Kerala%2C+Bengal%3A+10+Facts&rft_id=http%3A%2F%2Fwww.ndtv.com%2Findia-news%2Fransomware-wannacry-surfaces-in-kerala-bengal-10-facts-1693806&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-154"><a href="#cite_ref-154">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFSanjana_Nambiar2017" class="citation news cs1">Sanjana Nambiar (16 May 2017). <a rel="nofollow" class="external text" href="http://www.hindustantimes.com/mumbai-news/hit-by-wannacry-ransomware-civic-body-in-mumbai-suburb-to-take-3-more-days-to-fix-computers/story-eSIMZQ2NFT217erJAFkS0J.html">"Hit by WannaCry ransomware, civic body in Mumbai suburb to take 3 more days to fix computers"</a>. <a href="/wiki/Hindustan_Times" title="Hindustan Times">Hindustan Times</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516221349/http://www.hindustantimes.com/mumbai-news/hit-by-wannacry-ransomware-civic-body-in-mumbai-suburb-to-take-3-more-days-to-fix-computers/story-eSIMZQ2NFT217erJAFkS0J.html">Archived</a> from the original on 16 May 2017. Retrieved 17 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Hindustan+Times&rft.atitle=Hit+by+WannaCry+ransomware%2C+civic+body+in+Mumbai+suburb+to+take+3+more+days+to+fix+computers&rft.date=2017-05-16&rft.au=Sanjana+Nambiar&rft_id=http%3A%2F%2Fwww.hindustantimes.com%2Fmumbai-news%2Fhit-by-wannacry-ransomware-civic-body-in-mumbai-suburb-to-take-3-more-days-to-fix-computers%2Fstory-eSIMZQ2NFT217erJAFkS0J.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-spain-155"><a href="#cite_ref-spain_155-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="http://www.elperiodico.com/es/noticias/sociedad/ataque-informatico-masivo-infecta-las-grandes-empresas-espana-6033534">"Un ataque informático masivo con 'ransomware' afecta a medio mundo"</a> (in Spanish). elperiodico.com. 12 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170512141650/http://www.elperiodico.com/es/noticias/sociedad/ataque-informatico-masivo-infecta-las-grandes-empresas-espana-6033534">Archived</a> from the original on 12 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Un+ataque+inform%C3%A1tico+masivo+con+%27ransomware%27+afecta+a+medio+mundo&rft.pub=elperiodico.com&rft.date=2017-05-12&rft_id=http%3A%2F%2Fwww.elperiodico.com%2Fes%2Fnoticias%2Fsociedad%2Fataque-informatico-masivo-infecta-las-grandes-empresas-espana-6033534&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-156"><a href="#cite_ref-156">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFBalogh2017" class="citation news cs1 cs1-prop-foreign-lang-source">Balogh, Csaba (12 May 2017). <a rel="nofollow" class="external text" href="http://hvg.hu/tudomany/20170512_wannacry_zsarolovirus_aldozatok_magyar_ceg">"Ideért a baj: Magyarországra is elért az óriási kibertámadás"</a>. <a href="/wiki/Heti_Vil%C3%A1ggazdas%C3%A1g" title="Heti Világgazdaság">HVG</a> (in Hungarian). <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170513094305/http://hvg.hu/tudomany/20170512_wannacry_zsarolovirus_aldozatok_magyar_ceg">Archived</a> from the original on 13 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=HVG&rft.atitle=Ide%C3%A9rt+a+baj%3A+Magyarorsz%C3%A1gra+is+el%C3%A9rt+az+%C3%B3ri%C3%A1si+kibert%C3%A1mad%C3%A1s&rft.date=2017-05-12&rft.aulast=Balogh&rft.aufirst=Csaba&rft_id=http%3A%2F%2Fhvg.hu%2Ftudomany%2F20170512_wannacry_zsarolovirus_aldozatok_magyar_ceg&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-157"><a href="#cite_ref-157">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://mybroadband.co.za/news/security/211576-telkom-systems-crippled-by-wannacry-ransomware.html">"Telkom systems crippled by WannaCry ransomware"</a>. <a href="/wiki/MyBroadband" title="MyBroadband">MyBroadband</a>. 21 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180829062426/https://mybroadband.co.za/news/security/211576-telkom-systems-crippled-by-wannacry-ransomware.html">Archived</a> from the original on 29 August 2018. Retrieved 21 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=MyBroadband&rft.atitle=Telkom+systems+crippled+by+WannaCry+ransomware&rft.date=2017-05-21&rft_id=https%3A%2F%2Fmybroadband.co.za%2Fnews%2Fsecurity%2F211576-telkom-systems-crippled-by-wannacry-ransomware.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-158"><a href="#cite_ref-158">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="https://www.svt.se/nyheter/inrikes/timra-kommun-drabbat-av-utpressningsattack">"Timrå kommun drabbat av utpressningsattack"</a> (in Swedish). <a href="/wiki/Sveriges_Television" title="Sveriges Television">Sveriges Television</a>. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170515001530/https://www.svt.se/nyheter/inrikes/timra-kommun-drabbat-av-utpressningsattack">Archived</a> from the original on 15 May 2017. Retrieved 15 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Timr%C3%A5+kommun+drabbat+av+utpressningsattack&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.svt.se%2Fnyheter%2Finrikes%2Ftimra-kommun-drabbat-av-utpressningsattack&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-159"><a href="#cite_ref-159">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFKirk" class="citation news cs1">Kirk, Jeremy. <a rel="nofollow" class="external text" href="https://www.bankinfosecurity.com/chipmaker-tsmc-wannacry-attack-could-cost-us170-million-a-11285">"WannaCry Outbreak Hits Chipmaker, Could Cost $170 Million"</a>. Information Security Media Group, Corp. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180810235343/https://www.bankinfosecurity.com/chipmaker-tsmc-wannacry-attack-could-cost-us170-million-a-11285">Archived</a> from the original on 10 August 2018. Retrieved 10 August 2018. <q>Taiwan Semiconductor Manufacturing Co., the world's largest chip manufacturer, says a WannaCry infection hit unpatched Windows 7 systems in its fabrication facilities, leaving multiple factories crippled.</q></cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=WannaCry+Outbreak+Hits+Chipmaker%2C+Could+Cost+%24170+Million&rft.aulast=Kirk&rft.aufirst=Jeremy&rft_id=https%3A%2F%2Fwww.bankinfosecurity.com%2Fchipmaker-tsmc-wannacry-attack-could-cost-us170-million-a-11285&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-160"><a href="#cite_ref-160">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="https://m.tempo.co/read/news/2017/05/16/058875604/virus-ransomware-wannacry-serang-perpustakaan-universitas-jember">"Virus Ransomware Wannacry Serang Perpustakaan Universitas Jember"</a>. Tempo (in Indonesian). 16 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516210408/https://m.tempo.co/read/news/2017/05/16/058875604/virus-ransomware-wannacry-serang-perpustakaan-universitas-jember">Archived</a> from the original on 16 May 2017. Retrieved 17 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Tempo&rft.atitle=Virus+Ransomware+Wannacry+Serang+Perpustakaan+Universitas+Jember&rft.date=2017-05-16&rft_id=https%3A%2F%2Fm.tempo.co%2Fread%2Fnews%2F2017%2F05%2F16%2F058875604%2Fvirus-ransomware-wannacry-serang-perpustakaan-universitas-jember&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-161"><a href="#cite_ref-161">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="http://milano.repubblica.it/cronaca/2017/05/12/news/milano_virus_ransomware_universita_bicocca-165302056/">"Il virus Wannacry arrivato a Milano: colpiti computer dell'università Bicocca"</a>. la Repubblica (in Italian). 12 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170517060728/http://milano.repubblica.it/cronaca/2017/05/12/news/milano_virus_ransomware_universita_bicocca-165302056/">Archived</a> from the original on 17 May 2017. Retrieved 13 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=la+Repubblica&rft.atitle=Il+virus+Wannacry+arrivato+a+Milano%3A+colpiti+computer+dell%27universit%C3%A0+Bicocca&rft.date=2017-05-12&rft_id=http%3A%2F%2Fmilano.repubblica.it%2Fcronaca%2F2017%2F05%2F12%2Fnews%2Fmilano_virus_ransomware_universita_bicocca-165302056%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-162"><a href="#cite_ref-162">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.theglobeandmail.com/news/national/universite-de-montreal-computers-hit-with-wannacry-virus/article35004991/">"Some University of Montreal computers hit with WannaCry virus"</a>. The Globe and Mail. 16 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170517170840/http://www.theglobeandmail.com/news/national/universite-de-montreal-computers-hit-with-wannacry-virus/article35004991/">Archived</a> from the original on 17 May 2017. Retrieved 16 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Globe+and+Mail&rft.atitle=Some+University+of+Montreal+computers+hit+with+WannaCry+virus&rft.date=2017-05-16&rft_id=https%3A%2F%2Fwww.theglobeandmail.com%2Fnews%2Fnational%2Funiversite-de-montreal-computers-hit-with-wannacry-virus%2Farticle35004991%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-163"><a href="#cite_ref-163">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFHuiBurnettBreed2017" class="citation web cs1">Hui, Sylvia; Burnett, Sara; and Breed, Allen G. (14 May 2017). <a rel="nofollow" class="external text" href="https://www.chicagotribune.com/news/nationworld/ct-nsa-cyberattacks-20170513-story.html">"Lucky break slows global cyberattack; what's coming could be worse"</a>. Chicago Tribune. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170514034320/http://www.chicagotribune.com/news/nationworld/ct-nsa-cyberattacks-20170513-story.html">Archived</a> from the original on 14 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Chicago+Tribune&rft.atitle=Lucky+break+slows+global+cyberattack%3B+what%27s+coming+could+be+worse&rft.date=2017-05-14&rft.aulast=Hui&rft.aufirst=Sylvia&rft.au=Burnett%2C+Sara&rft.au=Breed%2C+Allen+G.&rft_id=https%3A%2F%2Fwww.chicagotribune.com%2Fnews%2Fnationworld%2Fct-nsa-cyberattacks-20170513-story.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-164"><a href="#cite_ref-164">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.theguardian.com/technology/2017/may/15/ransomware-attack-like-having-a-tomahawk-missile-stolen-says-microsoft-boss">"Ransomware attack 'like having a Tomahawk missile stolen', says Microsoft boss"</a>. The Guardian. 14 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20220407030054/https://www.theguardian.com/technology/2017/may/15/ransomware-attack-like-having-a-tomahawk-missile-stolen-says-microsoft-boss">Archived</a> from the original on 7 April 2022. Retrieved 15 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=The+Guardian&rft.atitle=Ransomware+attack+%27like+having+a+Tomahawk+missile+stolen%27%2C+says+Microsoft+boss&rft.date=2017-05-14&rft_id=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2017%2Fmay%2F15%2Fransomware-attack-like-having-a-tomahawk-missile-stolen-says-microsoft-boss&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-165"><a href="#cite_ref-165">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFStorm2017" class="citation news cs1">Storm, Darlene (15 May 2017). <a rel="nofollow" class="external text" href="http://www.computerworld.com/article/3196987/security/wikileaks-posts-user-guides-for-cia-malware-implants-assassin-and-aftermidnight.html">"WikiLeaks posts user guides for CIA malware implants Assassin and AfterMidnight"</a>. <a href="/wiki/Computerworld" title="Computerworld">Computerworld</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170517022316/http://computerworld.com/article/3196987/security/wikileaks-posts-user-guides-for-cia-malware-implants-assassin-and-aftermidnight.html">Archived</a> from the original on 17 May 2017. Retrieved 17 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=Computerworld&rft.atitle=WikiLeaks+posts+user+guides+for+CIA+malware+implants+Assassin+and+AfterMidnight&rft.date=2017-05-15&rft.aulast=Storm&rft.aufirst=Darlene&rft_id=http%3A%2F%2Fwww.computerworld.com%2Farticle%2F3196987%2Fsecurity%2Fwikileaks-posts-user-guides-for-cia-malware-implants-assassin-and-aftermidnight.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-166"><a href="#cite_ref-166">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFSmith2017" class="citation web cs1">Smith, Brad (14 May 2017). <a rel="nofollow" class="external text" href="https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/">"The need for urgent collective action to keep people safe online"</a>. Microsoft. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170516234921/https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/">Archived</a> from the original on 16 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=The+need+for+urgent+collective+action+to+keep+people+safe+online&rft.pub=Microsoft&rft.date=2017-05-14&rft.aulast=Smith&rft.aufirst=Brad&rft_id=https%3A%2F%2Fblogs.microsoft.com%2Fon-the-issues%2F2017%2F05%2F14%2Fneed-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-167"><a href="#cite_ref-167">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.documentcloud.org/documents/3725905-Patch-Act-bill-before-Congress.html">"Patch Act bill before Congress"</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170518175507/https://www.documentcloud.org/documents/3725905-Patch-Act-bill-before-Congress.html">Archived</a> from the original on 18 May 2017. Retrieved 23 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Patch+Act+bill+before+Congress&rft_id=https%3A%2F%2Fwww.documentcloud.org%2Fdocuments%2F3725905-Patch-Act-bill-before-Congress.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-168"><a href="#cite_ref-168">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFWhittaker" class="citation news cs1">Whittaker, Zack. <a rel="nofollow" class="external text" href="https://www.zdnet.com/article/congress-introduces-bill-to-prevent-us-from-stockpiling-cyber-weapons/">"Congress introduces bill to stop US from stockpiling cyber-weapons"</a>. ZDNet. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170522231424/http://www.zdnet.com/article/congress-introduces-bill-to-prevent-us-from-stockpiling-cyber-weapons/">Archived</a> from the original on 22 May 2017. Retrieved 23 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=ZDNet&rft.atitle=Congress+introduces+bill+to+stop+US+from+stockpiling+cyber-weapons&rft.aulast=Whittaker&rft.aufirst=Zack&rft_id=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fcongress-introduces-bill-to-prevent-us-from-stockpiling-cyber-weapons%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-thehill.com-169">^ <a href="#cite_ref-thehill.com_169-0">a</a> <a href="#cite_ref-thehill.com_169-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFChalfant2017" class="citation news cs1">Chalfant, Morgan (12 June 2017). <a rel="nofollow" class="external text" href="https://thehill.com/business-a-lobbying/337440-lawmakers-to-hold-hearing-on-wanna-cry-ransomware-attack/">"Lawmakers to hold hearing on 'Wanna Cry' ransomware attack"</a>. TheHill. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170615181255/http://thehill.com/business-a-lobbying/337440-lawmakers-to-hold-hearing-on-wanna-cry-ransomware-attack">Archived</a> from the original on 15 June 2017. Retrieved 14 June 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=TheHill&rft.atitle=Lawmakers+to+hold+hearing+on+%27Wanna+Cry%27+ransomware+attack&rft.date=2017-06-12&rft.aulast=Chalfant&rft.aufirst=Morgan&rft_id=https%3A%2F%2Fthehill.com%2Fbusiness-a-lobbying%2F337440-lawmakers-to-hold-hearing-on-wanna-cry-ransomware-attack%2F&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-170"><a href="#cite_ref-170">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.ncsc.gov.uk/blog-post/finding-kill-switch-stop-spread-ransomware-0+">"Finding the kill switch to stop the spread of ransomware – NCSC Site"</a>. ncsc.gov.uk. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190323103205/https://www.ncsc.gov.uk/blog-post/finding-kill-switch-stop-spread-ransomware-0+">Archived</a> from the original on 23 March 2019. Retrieved 21 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=ncsc.gov.uk&rft.atitle=Finding+the+kill+switch+to+stop+the+spread+of+ransomware+%E2%80%93+NCSC+Site&rft_id=https%3A%2F%2Fwww.ncsc.gov.uk%2Fblog-post%2Ffinding-kill-switch-stop-spread-ransomware-0%2B&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-sky1-171">^ <a href="#cite_ref-sky1_171-0">a</a> <a href="#cite_ref-sky1_171-1">b</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://news.sky.com/story/sky-views-stop-the-cyberattack-blame-game-10880726">"Sky Views: Stop the cyberattack blame game"</a>. Sky News. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170519074417/http://news.sky.com/story/sky-views-stop-the-cyberattack-blame-game-10880726">Archived</a> from the original on 19 May 2017. Retrieved 21 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Sky+Views%3A+Stop+the+cyberattack+blame+game&rft.pub=Sky+News&rft_id=http%3A%2F%2Fnews.sky.com%2Fstory%2Fsky-views-stop-the-cyberattack-blame-game-10880726&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-wanakiwi-172"><a href="#cite_ref-wanakiwi_172-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://github.com/gentilkiwi/wanakiwi">"gentilkiwi/wanakiwi"</a>. GitHub. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170520045018/https://github.com/gentilkiwi/wanakiwi/">Archived</a> from the original on 20 May 2017. Retrieved 20 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=GitHub&rft.atitle=gentilkiwi%2Fwanakiwi&rft_id=https%3A%2F%2Fgithub.com%2Fgentilkiwi%2Fwanakiwi&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-173"><a href="#cite_ref-173">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://github.com/aguinet/wannakey">"aguinet/wannakey"</a>. GitHub. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170520000056/https://github.com/aguinet/wannakey">Archived</a> from the original on 20 May 2017. Retrieved 20 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=GitHub&rft.atitle=aguinet%2Fwannakey&rft_id=https%3A%2F%2Fgithub.com%2Faguinet%2Fwannakey&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-reuters1-174"><a href="#cite_ref-reuters1_174-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFAuchard2017" class="citation web cs1">Auchard, Eric (19 May 2017). <a rel="nofollow" class="external text" href="https://www.reuters.com/article/us-cyber-attack-cure-idUSKCN18F1CA">"French researchers find way to unlock WannaCry without ransom"</a>. Reuters. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170519125444/http://www.reuters.com/article/us-cyber-attack-cure-idUSKCN18F1CA">Archived</a> from the original on 19 May 2017. Retrieved 19 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=Reuters&rft.atitle=French+researchers+find+way+to+unlock+WannaCry+without+ransom&rft.date=2017-05-19&rft.aulast=Auchard&rft.aufirst=Eric&rft_id=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-attack-cure-idUSKCN18F1CA&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-175"><a href="#cite_ref-175">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFSnowden2017" class="citation web cs1">Snowden, Edward [@Snowden] (13 May 2017). <a rel="nofollow" class="external text" href="https://x.com/Snowden/status/863422022994481152">"When @NSAGov-enabled ransomware eats the internet, help comes from researchers, not spy agencies. Amazing story"</a> (<a href="/wiki/Tweet_(social_media)" title="Tweet (social media)">Tweet</a>). Retrieved 20 May 2017 – via <a href="/wiki/Twitter" title="Twitter">Twitter</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=When+%40NSAGov-enabled+ransomware+eats+the+internet%2C+help+comes+from+researchers%2C+not+spy+agencies.+Amazing+story.&rft.date=2017-05-13&rft.aulast=Snowden&rft.aufirst=Edward&rft_id=https%3A%2F%2Fx.com%2FSnowden%2Fstatus%2F863422022994481152&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-176"><a href="#cite_ref-176">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFSnowden2017" class="citation web cs1">Snowden, Edward [@Snowden] (13 May 2017). <a rel="nofollow" class="external text" href="https://x.com/Snowden/status/863425539616284673">"Pause a moment to consider why we're left with researchers, not governments, trying to counter the @NSAGov-enabled ransomware mess. Hint"</a> (<a href="/wiki/Tweet_(social_media)" title="Tweet (social media)">Tweet</a>). Retrieved 20 May 2017 – via <a href="/wiki/Twitter" title="Twitter">Twitter</a>.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=Pause+a+moment+to+consider+why+we%27re+left+with+researchers%2C+not+governments%2C+trying+to+counter+the+%40NSAGov-enabled+ransomware+mess.+Hint&rft.date=2017-05-13&rft.aulast=Snowden&rft.aufirst=Edward&rft_id=https%3A%2F%2Fx.com%2FSnowden%2Fstatus%2F863425539616284673&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-hei-177"><a href="#cite_ref-hei_177-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1 cs1-prop-foreign-lang-source"><a rel="nofollow" class="external text" href="https://www.heise.de/newsticker/meldung/WannaCry-BSI-ruft-Betroffene-auf-Infektionen-zu-melden-3713442.html">"WannaCry: BSI ruft Betroffene auf, Infektionen zu melden"</a> (in German). heise online. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20220408021357/https://www.heise.de/newsticker/meldung/WannaCry-BSI-ruft-Betroffene-auf-Infektionen-zu-melden-3713442.html">Archived</a> from the original on 8 April 2022. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=WannaCry%3A+BSI+ruft+Betroffene+auf%2C+Infektionen+zu+melden&rft.pub=heise+online&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.heise.de%2Fnewsticker%2Fmeldung%2FWannaCry-BSI-ruft-Betroffene-auf-Infektionen-zu-melden-3713442.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-178"><a href="#cite_ref-178">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.theguardian.com/commentisfree/2017/may/13/nhs-computer-systems-insufficient-funding">"The ransomware attack is all about the insufficient funding of the NHS"</a>. The Guardian. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170514035002/https://www.theguardian.com/commentisfree/2017/may/13/nhs-computer-systems-insufficient-funding">Archived</a> from the original on 14 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Guardian&rft.atitle=The+ransomware+attack+is+all+about+the+insufficient+funding+of+the+NHS&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.theguardian.com%2Fcommentisfree%2F2017%2Fmay%2F13%2Fnhs-computer-systems-insufficient-funding&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-179"><a href="#cite_ref-179">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.theguardian.com/society/2017/may/13/jeremy-hunt-ignored-warning-signs-before-cyber-attack-hit-nhs">"Jeremy Hunt 'ignored warning signs' before cyber-attack hit NHS"</a>. The Guardian. 13 May 2017. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170513182031/https://www.theguardian.com/society/2017/may/13/jeremy-hunt-ignored-warning-signs-before-cyber-attack-hit-nhs">Archived</a> from the original on 13 May 2017. Retrieved 14 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.jtitle=The+Guardian&rft.atitle=Jeremy+Hunt+%27ignored+warning+signs%27+before+cyber-attack+hit+NHS&rft.date=2017-05-13&rft_id=https%3A%2F%2Fwww.theguardian.com%2Fsociety%2F2017%2Fmay%2F13%2Fjeremy-hunt-ignored-warning-signs-before-cyber-attack-hit-nhs&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-180"><a href="#cite_ref-180">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite id="CITEREFLarson2017" class="citation web cs1">Larson, Selena (17 May 2017). <a rel="nofollow" class="external text" href="https://money.cnn.com/2017/05/17/technology/wannacry-ransomware-business-security/index.html">"Why WannaCry ransomware took down so many businesses"</a>. CNN Money. CNN. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170521103322/http://money.cnn.com/2017/05/17/technology/wannacry-ransomware-business-security/index.html">Archived</a> from the original on 21 May 2017. Retrieved 22 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=unknown&rft.jtitle=CNN+Money&rft.atitle=Why+WannaCry+ransomware+took+down+so+many+businesses&rft.date=2017-05-17&rft.aulast=Larson&rft.aufirst=Selena&rft_id=https%3A%2F%2Fmoney.cnn.com%2F2017%2F05%2F17%2Ftechnology%2Fwannacry-ransomware-business-security%2Findex.html&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-nhs-noxp-181"><a href="#cite_ref-nhs-noxp_181-0">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://digital.nhs.uk/article/1493/UPDATED-Statement-on-reported-NHS-cyber-attack-13-May-">"UPDATED Statement on reported NHS cyber-attack (13 May)"</a>. National Health Service. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170513155139/https://digital.nhs.uk/article/1493/UPDATED-Statement-on-reported-NHS-cyber-attack-13-May-">Archived</a> from the original on 13 May 2017. Retrieved 30 May 2017.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=unknown&rft.btitle=UPDATED+Statement+on+reported+NHS+cyber-attack+%2813+May%29&rft.pub=National+Health+Service&rft_id=https%3A%2F%2Fdigital.nhs.uk%2Farticle%2F1493%2FUPDATED-Statement-on-reported-NHS-cyber-attack-13-May-&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-182"><a href="#cite_ref-182">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.hsj.co.uk/technology-and-innovation/cyber-attack-cost-nhs-92m--dhsc/7023560.article">"Cyber-attack cost NHS £92m – DHSC"</a>. Health Service Journal. 11 October 2018. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20181113165804/https://www.hsj.co.uk/technology-and-innovation/cyber-attack-cost-nhs-92m--dhsc/7023560.article">Archived</a> from the original on 13 November 2018. Retrieved 13 November 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Cyber-attack+cost+NHS+%C2%A392m+%E2%80%93+DHSC&rft.date=2018-10-11&rft_id=https%3A%2F%2Fwww.hsj.co.uk%2Ftechnology-and-innovation%2Fcyber-attack-cost-nhs-92m--dhsc%2F7023560.article&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> <li id="cite_note-183"><a href="#cite_ref-183">^</a> <link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1238218222"><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.buildingbetterhealthcare.co.uk/news/article_page/Health_chiefs_refuse_to_foot_1bn_bill_to_improve_NHS_cyber_security/147855/cn164706">"Health chiefs refuse to foot £1bn bill to improve NHS cyber security"</a>. Building Better Healthcare. 15 October 2018. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20181127193837/https://www.buildingbetterhealthcare.co.uk/news/article_page/Health_chiefs_refuse_to_foot_1bn_bill_to_improve_NHS_cyber_security/147855/cn164706">Archived</a> from the original on 27 November 2018. Retrieved 27 November 2018.</cite><span title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Health+chiefs+refuse+to+foot+%C2%A31bn+bill+to+improve+NHS+cyber+security&rft.date=2018-10-15&rft_id=https%3A%2F%2Fwww.buildingbetterhealthcare.co.uk%2Fnews%2Farticle_page%2FHealth_chiefs_refuse_to_foot_1bn_bill_to_improve_NHS_cyber_security%2F147855%2Fcn164706&rfr_id=info%3Asid%2Fen.wikipedia.org%3AWannaCry+ransomware+attack" class="Z3988"> </li> </ol></div></div> <div class="mw-heading mw-heading2"><h2 id="External_links">External links</h2>[<a href="/w/index.php?title=WannaCry_ransomware_attack&action=edit&section=11" title="Edit section: External links">edit</a>]</div> <style data-mw-deduplicate="TemplateStyles:r1235681985">.mw-parser-output .side-box{margin:4px 0;box-sizing:border-box;border:1px solid #aaa;font-size:88%;line-height:1.25em;background-color:var(--background-color-interactive-subtle,#f8f9fa);display:flow-root}.mw-parser-output .side-box-abovebelow,.mw-parser-output .side-box-text{padding:0.25em 0.9em}.mw-parser-output .side-box-image{padding:2px 0 2px 0.9em;text-align:center}.mw-parser-output .side-box-imageright{padding:2px 0.9em 2px 0;text-align:center}@media(min-width:500px){.mw-parser-output .side-box-flex{display:flex;align-items:center}.mw-parser-output .side-box-text{flex:1;min-width:0}}@media(min-width:720px){.mw-parser-output .side-box{width:238px}.mw-parser-output .side-box-right{clear:right;float:right;margin-left:1em}.mw-parser-output .side-box-left{margin-right:1em}}</style><style data-mw-deduplicate="TemplateStyles:r1237033735">@media print{body.ns-0 .mw-parser-output .sistersitebox{display:none!important}}@media screen{html.skin-theme-clientpref-night .mw-parser-output .sistersitebox img[src*="Wiktionary-logo-en-v2.svg"]{background-color:white}}@media screen and (prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .sistersitebox img[src*="Wiktionary-logo-en-v2.svg"]{background-color:white}}</style><div class="side-box side-box-right plainlinks sistersitebox"><style data-mw-deduplicate="TemplateStyles:r1126788409">.mw-parser-output .plainlist ol,.mw-parser-output .plainlist ul{line-height:inherit;list-style:none;margin:0;padding:0}.mw-parser-output .plainlist ol li,.mw-parser-output .plainlist ul li{margin-bottom:0}</style> <div class="side-box-flex"> <div class="side-box-image"><img alt="" src="//upload.wikimedia.org/wikipedia/en/thumb/4/4a/Commons-logo.svg/30px-Commons-logo.svg.png" decoding="async" width="30" height="40" class="mw-file-element" srcset="//upload.wikimedia.org/wikipedia/en/thumb/4/4a/Commons-logo.svg/45px-Commons-logo.svg.png 1.5x, //upload.wikimedia.org/wikipedia/en/thumb/4/4a/Commons-logo.svg/59px-Commons-logo.svg.png 2x" data-file-width="1024" data-file-height="1376" /></div> <div class="side-box-text plainlist">Wikimedia Commons has media related to <a href="https://commons.wikimedia.org/wiki/Category:WannaCry_ransomware_attack" class="extiw" title="commons:Category:WannaCry ransomware attack">WannaCry ransomware attack</a>.</div></div> </div> <ul><li><a rel="nofollow" class="external text" href="https://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Ransom:Win32/WannaCrypt">Ransom:Win32/WannaCrypt</a> at Microsoft Malware Protection Center</li> <li><a rel="nofollow" class="external text" href="https://x.com/actual_ransom">@actual_ransom</a> on <a href="/wiki/Twitter" title="Twitter">Twitter</a>, a <a href="/wiki/Twitterbot" class="mw-redirect" title="Twitterbot">Twitterbot</a> tracking the ransom payments</li></ul> <div class="navbox-styles"><style data-mw-deduplicate="TemplateStyles:r1129693374">.mw-parser-output .hlist dl,.mw-parser-output .hlist ol,.mw-parser-output .hlist ul{margin:0;padding:0}.mw-parser-output .hlist dd,.mw-parser-output .hlist dt,.mw-parser-output .hlist li{margin:0;display:inline}.mw-parser-output .hlist.inline,.mw-parser-output .hlist.inline dl,.mw-parser-output .hlist.inline ol,.mw-parser-output .hlist.inline ul,.mw-parser-output .hlist dl dl,.mw-parser-output .hlist dl ol,.mw-parser-output .hlist dl ul,.mw-parser-output .hlist ol dl,.mw-parser-output .hlist ol ol,.mw-parser-output .hlist ol ul,.mw-parser-output .hlist ul dl,.mw-parser-output .hlist ul ol,.mw-parser-output .hlist ul ul{display:inline}.mw-parser-output .hlist .mw-empty-li{display:none}.mw-parser-output .hlist dt::after{content:": "}.mw-parser-output .hlist dd::after,.mw-parser-output .hlist li::after{content:" · ";font-weight:bold}.mw-parser-output .hlist dd:last-child::after,.mw-parser-output .hlist dt:last-child::after,.mw-parser-output .hlist li:last-child::after{content:none}.mw-parser-output .hlist dd dd:first-child::before,.mw-parser-output .hlist dd dt:first-child::before,.mw-parser-output .hlist dd li:first-child::before,.mw-parser-output .hlist dt dd:first-child::before,.mw-parser-output .hlist dt dt:first-child::before,.mw-parser-output .hlist dt li:first-child::before,.mw-parser-output .hlist li dd:first-child::before,.mw-parser-output .hlist li dt:first-child::before,.mw-parser-output .hlist li li:first-child::before{content:" (";font-weight:normal}.mw-parser-output .hlist dd dd:last-child::after,.mw-parser-output .hlist dd dt:last-child::after,.mw-parser-output .hlist dd li:last-child::after,.mw-parser-output .hlist dt dd:last-child::after,.mw-parser-output .hlist dt dt:last-child::after,.mw-parser-output .hlist dt li:last-child::after,.mw-parser-output .hlist li dd:last-child::after,.mw-parser-output .hlist li dt:last-child::after,.mw-parser-output .hlist li li:last-child::after{content:")";font-weight:normal}.mw-parser-output .hlist ol{counter-reset:listitem}.mw-parser-output .hlist ol>li{counter-increment:listitem}.mw-parser-output .hlist ol>li::before{content:" "counter(listitem)"\a0 "}.mw-parser-output .hlist dd ol>li:first-child::before,.mw-parser-output .hlist dt ol>li:first-child::before,.mw-parser-output .hlist li ol>li:first-child::before{content:" ("counter(listitem)"\a0 "}</style><style data-mw-deduplicate="TemplateStyles:r1236075235">.mw-parser-output .navbox{box-sizing:border-box;border:1px solid #a2a9b1;width:100%;clear:both;font-size:88%;text-align:center;padding:1px;margin:1em auto 0}.mw-parser-output .navbox .navbox{margin-top:0}.mw-parser-output .navbox+.navbox,.mw-parser-output .navbox+.navbox-styles+.navbox{margin-top:-1px}.mw-parser-output .navbox-inner,.mw-parser-output .navbox-subgroup{width:100%}.mw-parser-output .navbox-group,.mw-parser-output .navbox-title,.mw-parser-output .navbox-abovebelow{padding:0.25em 1em;line-height:1.5em;text-align:center}.mw-parser-output .navbox-group{white-space:nowrap;text-align:right}.mw-parser-output .navbox,.mw-parser-output .navbox-subgroup{background-color:#fdfdfd}.mw-parser-output .navbox-list{line-height:1.5em;border-color:#fdfdfd}.mw-parser-output .navbox-list-with-group{text-align:left;border-left-width:2px;border-left-style:solid}.mw-parser-output tr+tr>.navbox-abovebelow,.mw-parser-output tr+tr>.navbox-group,.mw-parser-output tr+tr>.navbox-image,.mw-parser-output tr+tr>.navbox-list{border-top:2px solid #fdfdfd}.mw-parser-output .navbox-title{background-color:#ccf}.mw-parser-output .navbox-abovebelow,.mw-parser-output .navbox-group,.mw-parser-output .navbox-subgroup .navbox-title{background-color:#ddf}.mw-parser-output .navbox-subgroup .navbox-group,.mw-parser-output .navbox-subgroup .navbox-abovebelow{background-color:#e6e6ff}.mw-parser-output .navbox-even{background-color:#f7f7f7}.mw-parser-output .navbox-odd{background-color:transparent}.mw-parser-output .navbox .hlist td dl,.mw-parser-output .navbox .hlist td ol,.mw-parser-output .navbox .hlist td ul,.mw-parser-output .navbox td.hlist dl,.mw-parser-output .navbox td.hlist ol,.mw-parser-output .navbox td.hlist ul{padding:0.125em 0}.mw-parser-output .navbox .navbar{display:block;font-size:100%}.mw-parser-output .navbox-title .navbar{float:left;text-align:left;margin-right:0.5em}body.skin--responsive .mw-parser-output .navbox-image img{max-width:none!important}@media print{body.ns-0 .mw-parser-output .navbox{display:none!important}}</style></div><div role="navigation" class="navbox" aria-labelledby="Hacking_in_the_2010s" style="padding:3px"><table class="nowraplinks hlist mw-collapsible autocollapse navbox-inner" style="border-spacing:0;background:transparent;color:inherit"><tbody><tr><th scope="col" class="navbox-title" colspan="2"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1129693374"><style data-mw-deduplicate="TemplateStyles:r1239400231">.mw-parser-output .navbar{display:inline;font-size:88%;font-weight:normal}.mw-parser-output .navbar-collapse{float:left;text-align:left}.mw-parser-output .navbar-boxtext{word-spacing:0}.mw-parser-output .navbar ul{display:inline-block;white-space:nowrap;line-height:inherit}.mw-parser-output .navbar-brackets::before{margin-right:-0.125em;content:"[ "}.mw-parser-output .navbar-brackets::after{margin-left:-0.125em;content:" ]"}.mw-parser-output .navbar li{word-spacing:-0.125em}.mw-parser-output .navbar a>span,.mw-parser-output .navbar a>abbr{text-decoration:inherit}.mw-parser-output .navbar-mini abbr{font-variant:small-caps;border-bottom:none;text-decoration:none;cursor:inherit}.mw-parser-output .navbar-ct-full{font-size:114%;margin:0 7em}.mw-parser-output .navbar-ct-mini{font-size:114%;margin:0 4em}html.skin-theme-clientpref-night .mw-parser-output .navbar li a abbr{color:var(--color-base)!important}@media(prefers-color-scheme:dark){html.skin-theme-clientpref-os .mw-parser-output .navbar li a abbr{color:var(--color-base)!important}}@media print{.mw-parser-output .navbar{display:none!important}}</style><div class="navbar plainlinks hlist navbar-mini"><ul><li class="nv-view"><a href="/wiki/Template:Hacking_in_the_2010s" title="Template:Hacking in the 2010s"><abbr title="View this template">v</abbr></a></li><li class="nv-talk"><a href="/wiki/Template_talk:Hacking_in_the_2010s" title="Template talk:Hacking in the 2010s"><abbr title="Discuss this template">t</abbr></a></li><li class="nv-edit"><a href="/wiki/Special:EditPage/Template:Hacking_in_the_2010s" title="Special:EditPage/Template:Hacking in the 2010s"><abbr title="Edit this template">e</abbr></a></li></ul></div><div id="Hacking_in_the_2010s" style="font-size:114%;margin:0 4em">Hacking in the 2010s</div></th></tr><tr><td class="navbox-abovebelow" colspan="2"><div><table style="width:100%; margin:1px; display:inline-table;"><tbody><tr> <td style="text-align:left; vertical-align:middle; padding:0 0.5em 0 0;" class="noprint">← <a href="/wiki/Template:Hacking_in_the_2000s" title="Template:Hacking in the 2000s">2000s</a></td> <td style="text-align:center; vertical-align:middle;; padding:0 1px;" class=""><a href="/wiki/Timeline_of_computer_security_hacker_history#2010s" class="mw-redirect" title="Timeline of computer security hacker history">Timeline</a></td> <td style="text-align:right; vertical-align:middle;; padding:0 0 0 0.5em;" class="noprint"><a href="/wiki/Template:Hacking_in_the_2020s" title="Template:Hacking in the 2020s">2020s</a> →</td> </tr></tbody></table></div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Major incidents</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"></div><table class="nowraplinks navbox-subgroup" style="border-spacing:0"><tbody><tr><th scope="row" class="navbox-group" style="width:1%">2010</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Operation_Aurora" title="Operation Aurora">Operation Aurora</a> (publication of 2009 events)</li> <li><a href="/wiki/February_2010_Australian_cyberattacks" title="February 2010 Australian cyberattacks">Australian cyberattacks</a></li> <li><a href="/wiki/Operation_Olympic_Games" title="Operation Olympic Games">Operation Olympic Games</a></li> <li><a href="/wiki/Shadow_Network" title="Shadow Network">Operation ShadowNet</a></li> <li><a href="/wiki/Operation_Payback" title="Operation Payback">Operation Payback</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2011</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/2011_Canadian_government_hackings" title="2011 Canadian government hackings">Canadian government</a></li> <li><a href="/wiki/DigiNotar" title="DigiNotar">DigiNotar</a></li> <li><a href="/wiki/DNSChanger" title="DNSChanger">DNSChanger</a></li> <li><a href="/wiki/HBGary" title="HBGary">HBGary Federal</a></li> <li><a href="/wiki/Operation_AntiSec" title="Operation AntiSec">Operation AntiSec</a></li> <li><a href="/wiki/2011_PlayStation_Network_outage" title="2011 PlayStation Network outage">PlayStation network outage</a></li> <li><a href="/wiki/RSA_SecurID#March_2011_system_compromise" title="RSA SecurID">RSA SecurID compromise</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2012</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/2012_LinkedIn_hack" title="2012 LinkedIn hack">LinkedIn hack</a></li> <li><a href="/wiki/Stratfor_email_leak" title="Stratfor email leak">Stratfor email leak</a></li> <li><a href="/wiki/Operation_High_Roller" title="Operation High Roller">Operation High Roller</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2013</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/2013_South_Korea_cyberattack" title="2013 South Korea cyberattack">South Korea cyberattack</a></li> <li><a href="/wiki/Snapchat#December_2013_hack" title="Snapchat">Snapchat hack</a></li> <li><a href="/wiki/June_25_cyber_terror" class="mw-redirect" title="June 25 cyber terror">Cyberterrorism attack of June 25</a></li> <li><a href="/wiki/Yahoo!_data_breaches#August_2013:_breach" class="mw-redirect" title="Yahoo! data breaches">2013 Yahoo! data breach</a></li> <li><a href="/wiki/2013_Singapore_cyberattacks" title="2013 Singapore cyberattacks">Singapore cyberattacks</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2014</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Anthem_medical_data_breach" title="Anthem medical data breach">Anthem medical data breach</a></li> <li><a href="/wiki/Operation_Tovar" title="Operation Tovar">Operation Tovar</a></li> <li><a href="/wiki/2014_celebrity_nude_photo_leak" title="2014 celebrity nude photo leak">2014 celebrity nude photo leak</a></li> <li><a href="/wiki/2014_JPMorgan_Chase_data_breach" title="2014 JPMorgan Chase data breach">2014 JPMorgan Chase data breach</a></li> <li><a href="/wiki/2014_Sony_Pictures_hack" title="2014 Sony Pictures hack">2014 Sony Pictures hack</a></li> <li><a href="/wiki/2014_Russian_hacker_password_theft" title="2014 Russian hacker password theft">Russian hacker password theft</a></li> <li><a href="/wiki/Yahoo!_data_breaches#Late_2014:_breach" class="mw-redirect" title="Yahoo! data breaches">2014 Yahoo! data breach</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2015</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Office_of_Personnel_Management_data_breach" title="Office of Personnel Management data breach">Office of Personnel Management data breach</a></li> <li><a href="/wiki/HackingTeam#2015_data_breach" title="HackingTeam">HackingTeam</a></li> <li><a href="/wiki/Ashley_Madison_data_breach" title="Ashley Madison data breach">Ashley Madison data breach</a></li> <li><a href="/wiki/VTech#2015_data_breach" title="VTech">VTech data breach</a></li> <li><a href="/wiki/2015_Ukraine_power_grid_hack" title="2015 Ukraine power grid hack">Ukrainian Power Grid Cyberattack</a></li> <li><a href="/wiki/2015%E2%80%932016_SWIFT_banking_hack" title="2015–2016 SWIFT banking hack">SWIFT banking hack</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2016</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Bangladesh_Bank_robbery" title="Bangladesh Bank robbery">Bangladesh Bank robbery</a></li> <li><a href="/wiki/Hollywood_Presbyterian_Medical_Center#Ransomware" title="Hollywood Presbyterian Medical Center">Hollywood Presbyterian Medical Center ransomware incident</a></li> <li><a href="/wiki/Commission_on_Elections_data_breach" title="Commission on Elections data breach">Commission on Elections data breach</a></li> <li><a href="/wiki/Democratic_National_Committee_cyber_attacks" title="Democratic National Committee cyber attacks">Democratic National Committee cyber attacks</a></li> <li><a href="/wiki/Vietnamese_airports_hackings" title="Vietnamese airports hackings">Vietnam Airport Hacks</a></li> <li><a href="/wiki/Democratic_Congressional_Campaign_Committee_cyber_attacks" title="Democratic Congressional Campaign Committee cyber attacks">DCCC cyber attacks</a></li> <li><a href="/wiki/2016_Indian_Banks_data_breach" class="mw-redirect" title="2016 Indian Banks data breach">Indian Bank data breaches</a></li> <li><a href="/wiki/Surkov_leaks" title="Surkov leaks">Surkov leaks</a></li> <li><a href="/wiki/DDoS_attacks_on_Dyn" title="DDoS attacks on Dyn">Dyn cyberattack</a></li> <li><a href="/wiki/Russian_interference_in_the_2016_United_States_elections" title="Russian interference in the 2016 United States elections">Russian interference in the 2016 U.S. elections</a></li> <li><a href="/wiki/2016_Bitfinex_hack" title="2016 Bitfinex hack">2016 Bitfinex hack</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2017</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/SHA1#SHAttered_–_first_public_collision" class="mw-redirect" title="SHA1">SHAttered</a></li> <li><a href="/wiki/2017_Macron_e-mail_leaks" title="2017 Macron e-mail leaks">2017 Macron e-mail leaks</a></li> <li><a class="mw-selflink selflink">WannaCry ransomware attack</a></li> <li><a href="/wiki/2017_Westminster_data_breach" title="2017 Westminster data breach">Westminster data breach</a></li> <li><a href="/wiki/Petya_(malware_family)" title="Petya (malware family)">Petya and NotPetya</a> <ul><li><a href="/wiki/2017_Ukraine_ransomware_attacks" title="2017 Ukraine ransomware attacks">2017 Ukraine ransomware attacks</a></li></ul></li> <li><a href="/wiki/2017_Equifax_data_breach" title="2017 Equifax data breach">Equifax data breach</a></li> <li><a href="/wiki/Deloitte#E-mail_hack" title="Deloitte">Deloitte breach</a></li> <li><a href="/wiki/Disqus#October_2017_security_breach" title="Disqus">Disqus breach</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2018</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Trustico#DigiCert_and_Trustico_spat,_2018" title="Trustico">Trustico</a></li> <li><a href="/wiki/Atlanta_government_ransomware_attack" title="Atlanta government ransomware attack">Atlanta cyberattack</a></li> <li><a href="/wiki/2018_SingHealth_data_breach" title="2018 SingHealth data breach">SingHealth data breach</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2019</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/2019_cyberattacks_on_Sri_Lanka" title="2019 cyberattacks on Sri Lanka">Sri Lanka cyberattack</a></li> <li><a href="/wiki/2019_Baltimore_ransomware_attack" title="2019 Baltimore ransomware attack">Baltimore ransomware attack</a></li> <li><a href="/wiki/2019_Bulgarian_revenue_agency_hack" class="mw-redirect" title="2019 Bulgarian revenue agency hack">Bulgarian revenue agency hack</a></li> <li><a href="/wiki/WhatsApp_snooping_scandal" title="WhatsApp snooping scandal">WhatsApp snooping scandal</a></li> <li><a href="/wiki/Jeff_Bezos_phone_hacking_incident" title="Jeff Bezos phone hacking incident">Jeff Bezos phone hacking incident</a></li></ul> </div></td></tr></tbody></table><div></div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Hacktivism" title="Hacktivism">Hacktivism</a></th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Anonymous_(hacker_group)" title="Anonymous (hacker group)">Anonymous</a> <ul><li><a href="/wiki/Timeline_of_events_associated_with_Anonymous" title="Timeline of events associated with Anonymous">associated events</a></li></ul></li> <li><a href="/wiki/CyberBerkut" title="CyberBerkut">CyberBerkut</a></li> <li><a href="/wiki/Gay_Nigger_Association_of_America" title="Gay Nigger Association of America">GNAA</a></li> <li><a href="/wiki/Goatse_Security" title="Goatse Security">Goatse Security</a></li> <li><a href="/wiki/Lizard_Squad" title="Lizard Squad">Lizard Squad</a></li> <li><a href="/wiki/LulzRaft" title="LulzRaft">LulzRaft</a></li> <li><a href="/wiki/LulzSec" title="LulzSec">LulzSec</a></li> <li><a href="/wiki/2016_Dyn_cyberattack#Perpetrators" class="mw-redirect" title="2016 Dyn cyberattack">New World Hackers</a></li> <li><a href="/wiki/NullCrew" title="NullCrew">NullCrew</a></li> <li><a href="/wiki/OurMine" title="OurMine">OurMine</a></li> <li><a href="/wiki/PayPal_14" title="PayPal 14">PayPal 14</a></li> <li><a href="/wiki/RedHack" title="RedHack">RedHack</a></li> <li><a href="/wiki/Teamp0ison" title="Teamp0ison">Teamp0ison</a></li> <li><a href="/wiki/The_Dark_Overlord_(hacker_group)" title="The Dark Overlord (hacker group)"> TDO </a></li> <li><a href="/wiki/UGNazi" title="UGNazi">UGNazi</a></li> <li><a href="/wiki/Ukrainian_Cyber_Alliance" title="Ukrainian Cyber Alliance">Ukrainian Cyber Alliance</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Advanced_persistent_threat" title="Advanced persistent threat">Advanced persistent threats</a></th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Bangladesh_Black_Hat_Hackers" title="Bangladesh Black Hat Hackers">Bangladesh Black Hat Hackers</a></li> <li><a href="/wiki/Bureau_121" title="Bureau 121">Bureau 121</a></li> <li><a href="/wiki/Charming_Kitten" title="Charming Kitten">Charming Kitten</a></li> <li><a href="/wiki/Cozy_Bear" title="Cozy Bear">Cozy Bear</a></li> <li><a href="/wiki/Dark_Basin" title="Dark Basin">Dark Basin</a></li> <li><a href="/wiki/DarkMatter_Group" title="DarkMatter Group">DarkMatter</a></li> <li><a href="/wiki/Elfin_Team" title="Elfin Team">Elfin Team</a></li> <li><a href="/wiki/Equation_Group" title="Equation Group">Equation Group</a></li> <li><a href="/wiki/Fancy_Bear" title="Fancy Bear">Fancy Bear</a></li> <li><a href="/wiki/Stuxnet#History" title="Stuxnet">GOSSIPGIRL</a> (confederation)</li> <li><a href="/wiki/Guccifer_2.0" title="Guccifer 2.0">Guccifer 2.0</a></li> <li><a href="/wiki/Hacking_Team" class="mw-redirect" title="Hacking Team">Hacking Team</a></li> <li><a href="/wiki/Helix_Kitten" title="Helix Kitten">Helix Kitten</a></li> <li><a href="/wiki/Iranian_Cyber_Army" title="Iranian Cyber Army">Iranian Cyber Army</a></li> <li><a href="/wiki/Lazarus_Group" title="Lazarus Group">Lazarus Group</a> (<a href="/wiki/Lazarus_Group#BlueNorOff" title="Lazarus Group">BlueNorOff</a>) (<a href="/wiki/Lazarus_Group#AndAriel" title="Lazarus Group">AndAriel</a>)</li> <li><a href="/wiki/NSO_Group" title="NSO Group">NSO Group</a></li> <li><a href="/wiki/Numbered_Panda" title="Numbered Panda">Numbered Panda</a></li> <li><a href="/wiki/PLA_Unit_61398" title="PLA Unit 61398">PLA Unit 61398</a></li> <li><a href="/wiki/PLA_Unit_61486" title="PLA Unit 61486">PLA Unit 61486</a></li> <li><a href="/wiki/PLATINUM_(cybercrime_group)" title="PLATINUM (cybercrime group)">PLATINUM</a></li> <li><a href="/wiki/Pranknet" title="Pranknet">Pranknet</a></li> <li><a href="/wiki/Red_Apollo" title="Red Apollo">Red Apollo</a></li> <li><a href="/wiki/Rocket_Kitten" title="Rocket Kitten">Rocket Kitten</a></li> <li><a href="/wiki/Stealth_Falcon" title="Stealth Falcon">Stealth Falcon</a></li> <li><a href="/wiki/Syrian_Electronic_Army" title="Syrian Electronic Army">Syrian Electronic Army</a></li> <li><a href="/wiki/Tailored_Access_Operations" title="Tailored Access Operations">Tailored Access Operations</a></li> <li><a href="/wiki/The_Shadow_Brokers" title="The Shadow Brokers">The Shadow Brokers</a></li> <li><a href="/wiki/XDedic" title="XDedic">xDedic</a></li> <li><a href="/wiki/Yemen_Cyber_Army" title="Yemen Cyber Army">Yemen Cyber Army</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Hacker" title="Hacker">Individuals</a></th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Ryan_Ackroyd" title="Ryan Ackroyd">Ryan Ackroyd</a></li> <li><a href="/wiki/Mustafa_Al-Bassam" title="Mustafa Al-Bassam">Mustafa Al-Bassam</a></li> <li><a href="/wiki/Cyber_Anakin" title="Cyber Anakin">Cyber Anakin</a></li> <li><a href="/wiki/George_Hotz" title="George Hotz">George Hotz</a></li> <li><a href="/wiki/Guccifer" title="Guccifer">Guccifer</a></li> <li><a href="/wiki/Elliott_Gunton" title="Elliott Gunton">Elliott Gunton</a></li> <li><a href="/wiki/Jeremy_Hammond" title="Jeremy Hammond">Jeremy Hammond</a></li> <li><a href="/wiki/Kristoffer_von_Hassel" title="Kristoffer von Hassel">Kristoffer von Hassel</a></li> <li><a href="/wiki/Junaid_Hussain" title="Junaid Hussain">Junaid Hussain</a></li> <li><a href="/wiki/MLT_(hacktivist)" title="MLT (hacktivist)">MLT</a></li> <li><a href="/wiki/Hector_Monsegur" title="Hector Monsegur">Sabu</a></li> <li><a href="/wiki/Roman_Seleznev" title="Roman Seleznev">Track2</a></li> <li><a href="/wiki/Topiary_(hacktivist)" title="Topiary (hacktivist)">Topiary</a></li> <li><a href="/wiki/The_Jester_(hacktivist)" title="The Jester (hacktivist)">The Jester</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Major <a href="/wiki/Vulnerability_(computing)" class="mw-redirect" title="Vulnerability (computing)">vulnerabilities</a> publicly <a href="/wiki/Full_disclosure_(computer_security)" title="Full disclosure (computer security)">disclosed</a></th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Evercookie" title="Evercookie">Evercookie</a> (2010)</li> <li><a href="/wiki/ISeeYou" title="ISeeYou">iSeeYou</a> (2013)</li> <li><a href="/wiki/Heartbleed" title="Heartbleed"> Heartbleed</a> (2014)</li> <li><a href="/wiki/Shellshock_(software_bug)" title="Shellshock (software bug)">Shellshock</a> (2014)</li> <li><a href="/wiki/POODLE" title="POODLE">POODLE</a> (2014)</li> <li><a href="/wiki/Rootpipe" title="Rootpipe">Rootpipe</a> (2014)</li> <li><a href="/wiki/Row_hammer" title="Row hammer">Row hammer</a> (2014)</li> <li><a href="/wiki/Signaling_System_No._7#Protocol_security_vulnerabilities" class="mw-redirect" title="Signaling System No. 7">SS7 vulnerabilities</a> (2014)</li> <li><a href="/wiki/WinShock" title="WinShock">WinShock</a> (2014)</li> <li><a href="/wiki/JASBUG" title="JASBUG">JASBUG</a> (2015)</li> <li><a href="/wiki/Stagefright_(bug)" title="Stagefright (bug)">Stagefright</a> (2015)</li> <li><a href="/wiki/DROWN_attack" title="DROWN attack">DROWN</a> (2016)</li> <li><a href="/wiki/Badlock" title="Badlock">Badlock</a> (2016)</li> <li><a href="/wiki/Dirty_COW" title="Dirty COW">Dirty COW</a> (2016)</li> <li><a href="/wiki/Cloudbleed" title="Cloudbleed">Cloudbleed</a> (2017)</li> <li><a href="/wiki/Broadcom_Corporation#soc-wifi-vulns" title="Broadcom Corporation">Broadcom Wi-Fi</a> (2017)</li> <li><a href="/wiki/EternalBlue" title="EternalBlue">EternalBlue</a> (2017)</li> <li><a href="/wiki/DoublePulsar" title="DoublePulsar">DoublePulsar</a> (2017)</li> <li><a href="/wiki/Intel_Active_Management_Technology#Silent_Bob_is_Silent" title="Intel Active Management Technology">Silent Bob is Silent</a> (2017)</li> <li><a href="/wiki/KRACK" title="KRACK">KRACK</a> (2017)</li> <li><a href="/wiki/ROCA_vulnerability" title="ROCA vulnerability">ROCA vulnerability</a> (2017)</li> <li><a href="/wiki/BlueBorne_(security_vulnerability)" title="BlueBorne (security vulnerability)">BlueBorne</a> (2017)</li> <li><a href="/wiki/Meltdown_(security_vulnerability)" title="Meltdown (security vulnerability)">Meltdown</a> (2018)</li> <li><a href="/wiki/Spectre_(security_vulnerability)" title="Spectre (security vulnerability)">Spectre</a> (2018)</li> <li><a href="/wiki/EFAIL" title="EFAIL">EFAIL</a> (2018)</li> <li><a href="/wiki/Exactis" title="Exactis">Exactis</a> (2018)</li> <li><a href="/wiki/Speculative_Store_Bypass" title="Speculative Store Bypass">Speculative Store Bypass</a> (2018)</li> <li><a href="/wiki/Lazy_FP_state_restore" title="Lazy FP state restore">Lazy FP state restore</a> (2018)</li> <li><a href="/wiki/TLBleed" title="TLBleed">TLBleed</a> (2018)</li> <li><a href="/wiki/SigSpoof" title="SigSpoof">SigSpoof</a> (2018)</li> <li><a href="/wiki/Foreshadow" title="Foreshadow">Foreshadow</a> (2018)</li> <li><a href="/wiki/Wi-Fi_Protected_Access#Dragonblood_attack" title="Wi-Fi Protected Access">Dragonblood</a> (2019)</li> <li><a href="/wiki/Microarchitectural_Data_Sampling" title="Microarchitectural Data Sampling">Microarchitectural Data Sampling</a> (2019)</li> <li><a href="/wiki/BlueKeep" title="BlueKeep">BlueKeep</a> (2019)</li> <li><a href="/wiki/Kr00k" title="Kr00k">Kr00k</a> (2019)</li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Malware" title="Malware">Malware</a></th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"></div><table class="nowraplinks navbox-subgroup" style="border-spacing:0"><tbody><tr><th scope="row" class="navbox-group" style="width:1%">2010</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Ransomware#Bad_Rabbit" title="Ransomware">Bad Rabbit</a></li> <li><a href="/wiki/BlackEnergy#BlackEnergy_2_(BE2)" title="BlackEnergy"> Black Energy 2</a></li> <li><a href="/wiki/SpyEye" title="SpyEye">SpyEye</a></li> <li><a href="/wiki/Stuxnet" title="Stuxnet">Stuxnet</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2011</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Coreflood" title="Coreflood">Coreflood</a></li> <li><a href="/wiki/Alureon" title="Alureon">Alureon</a></li> <li><a href="/wiki/Duqu" title="Duqu">Duqu</a></li> <li><a href="/wiki/Kelihos_botnet" title="Kelihos botnet">Kelihos</a></li> <li><a href="/wiki/Metulji_botnet" title="Metulji botnet">Metulji botnet</a></li> <li><a href="/wiki/Stars_virus" title="Stars virus">Stars</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2012</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Carna_botnet" title="Carna botnet">Carna</a></li> <li><a href="/wiki/Dexter_(malware)" title="Dexter (malware)">Dexter</a></li> <li><a href="/wiki/FBI_MoneyPak_Ransomware" title="FBI MoneyPak Ransomware">FBI</a></li> <li><a href="/wiki/Flame_(malware)" title="Flame (malware)">Flame</a></li> <li><a href="/wiki/Mahdi_(malware)" title="Mahdi (malware)">Mahdi</a></li> <li><a href="/wiki/Red_October_(malware)" title="Red October (malware)">Red October</a></li> <li><a href="/wiki/Shamoon" title="Shamoon">Shamoon</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2013</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/CryptoLocker" title="CryptoLocker">CryptoLocker</a></li> <li><a href="/wiki/2013_South_Korea_cyberattack" title="2013 South Korea cyberattack">DarkSeoul</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2014</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Brambul" title="Brambul">Brambul</a></li> <li><a href="/wiki/BlackEnergy#BlackEnergy_3_(BE3)" title="BlackEnergy"> Black Energy 3</a></li> <li><a href="/wiki/Carbanak" title="Carbanak">Carbanak</a></li> <li><a href="/wiki/Careto_(malware)" title="Careto (malware)">Careto</a></li> <li><a href="/wiki/DarkHotel" title="DarkHotel">DarkHotel</a></li> <li><a href="/wiki/Duqu_2.0" title="Duqu 2.0">Duqu 2.0</a></li> <li><a href="/wiki/FinFisher" title="FinFisher">FinFisher</a></li> <li><a href="/wiki/Gameover_ZeuS" title="Gameover ZeuS">Gameover ZeuS</a></li> <li><a href="/wiki/Regin_(malware)" title="Regin (malware)">Regin</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2015</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Dridex" title="Dridex">Dridex</a></li> <li><a href="/wiki/Hidden_Tear" title="Hidden Tear">Hidden Tear</a></li> <li><a href="/wiki/Rombertik" title="Rombertik">Rombertik</a></li> <li><a href="/wiki/TeslaCrypt" title="TeslaCrypt">TeslaCrypt</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2016</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Hitler-Ransomware" title="Hitler-Ransomware">Hitler</a></li> <li><a href="/wiki/Jigsaw_(ransomware)" title="Jigsaw (ransomware)">Jigsaw</a></li> <li><a href="/wiki/KeRanger" title="KeRanger">KeRanger</a></li> <li><a href="/wiki/Necurs" class="mw-redirect" title="Necurs">Necurs</a></li> <li><a href="/wiki/MEMZ" title="MEMZ">MEMZ</a></li> <li><a href="/wiki/Mirai_(malware)" title="Mirai (malware)">Mirai</a></li> <li><a href="/wiki/Pegasus_(spyware)" title="Pegasus (spyware)">Pegasus</a></li> <li><a href="/wiki/Petya_and_NotPetya" class="mw-redirect" title="Petya and NotPetya">Petya and NotPetya</a></li> <li><a href="/wiki/X-Agent" title="X-Agent">X-Agent</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2017</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/BrickerBot" title="BrickerBot">BrickerBot</a></li> <li><a href="/wiki/Kirk_Ransomware" title="Kirk Ransomware">Kirk</a></li> <li><a href="/wiki/LogicLocker" title="LogicLocker">LogicLocker</a></li> <li><a href="/wiki/Rensenware" title="Rensenware">Rensenware</a></li> <li><a href="/wiki/Triton_(malware)" title="Triton (malware)">Triton</a></li> <li><a class="mw-selflink selflink">WannaCry</a></li> <li><a href="/wiki/Xafecopy_Trojan" title="Xafecopy Trojan">XafeCopy</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2018</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/VPNFilter" title="VPNFilter">VPNFilter</a></li></ul> </div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2019</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em"> <ul><li><a href="/wiki/Grum_botnet" title="Grum botnet">Grum</a></li> <li><a href="/wiki/Joanap" title="Joanap">Joanap</a></li> <li><a href="/wiki/NetTraveler" title="NetTraveler">NetTraveler</a></li> <li><a href="/wiki/Chaos_Computer_Club#Staatstrojaner_affair" title="Chaos Computer Club">R2D2</a></li> <li><a href="/wiki/Tiny_Banker_Trojan" title="Tiny Banker Trojan">Tinba</a></li> <li><a href="/wiki/Titanium_(malware)" title="Titanium (malware)">Titanium</a></li> <li><a href="/wiki/ZeroAccess_botnet" title="ZeroAccess botnet">ZeroAccess botnet</a></li></ul> </div></td></tr></tbody></table><div></div></td></tr></tbody></table></div> <style data-mw-deduplicate="TemplateStyles:r1130092004">.mw-parser-output .portal-bar{font-size:88%;font-weight:bold;display:flex;justify-content:center;align-items:baseline}.mw-parser-output .portal-bar-bordered{padding:0 2em;background-color:#fdfdfd;border:1px solid #a2a9b1;clear:both;margin:1em auto 0}.mw-parser-output .portal-bar-related{font-size:100%;justify-content:flex-start}.mw-parser-output .portal-bar-unbordered{padding:0 1.7em;margin-left:0}.mw-parser-output .portal-bar-header{margin:0 1em 0 0.5em;flex:0 0 auto;min-height:24px}.mw-parser-output .portal-bar-content{display:flex;flex-flow:row wrap;flex:0 1 auto;padding:0.15em 0;column-gap:1em;align-items:baseline;margin:0;list-style:none}.mw-parser-output .portal-bar-content-related{margin:0;list-style:none}.mw-parser-output .portal-bar-item{display:inline-block;margin:0.15em 0.2em;min-height:24px;line-height:24px}@media screen and (max-width:768px){.mw-parser-output .portal-bar{font-size:88%;font-weight:bold;display:flex;flex-flow:column wrap;align-items:baseline}.mw-parser-output .portal-bar-header{text-align:center;flex:0;padding-left:0.5em;margin:0 auto}.mw-parser-output .portal-bar-related{font-size:100%;align-items:flex-start}.mw-parser-output .portal-bar-content{display:flex;flex-flow:row wrap;align-items:center;flex:0;column-gap:1em;border-top:1px solid #a2a9b1;margin:0 auto;list-style:none}.mw-parser-output .portal-bar-content-related{border-top:none;margin:0;list-style:none}}.mw-parser-output .navbox+link+.portal-bar,.mw-parser-output .navbox+style+.portal-bar,.mw-parser-output .navbox+link+.portal-bar-bordered,.mw-parser-output .navbox+style+.portal-bar-bordered,.mw-parser-output .sister-bar+link+.portal-bar,.mw-parser-output .sister-bar+style+.portal-bar,.mw-parser-output .portal-bar+.navbox-styles+.navbox,.mw-parser-output .portal-bar+.navbox-styles+.sister-bar{margin-top:-1px}</style><div class="portal-bar noprint metadata noviewer portal-bar-bordered" role="navigation" aria-label="Portals"><a href="/wiki/Wikipedia:Contents/Portals" title="Wikipedia:Contents/Portals">Portals</a>:<ul class="portal-bar-content"><li class="portal-bar-item"><a href="/wiki/File:Balance,_by_David.svg" class="mw-file-description"><img alt="icon" src="//upload.wikimedia.org/wikipedia/commons/thumb/1/17/Balance%2C_by_David.svg/21px-Balance%2C_by_David.svg.png" decoding="async" width="21" height="19" class="mw-file-element" srcset="//upload.wikimedia.org/wikipedia/commons/thumb/1/17/Balance%2C_by_David.svg/32px-Balance%2C_by_David.svg.png 1.5x, //upload.wikimedia.org/wikipedia/commons/thumb/1/17/Balance%2C_by_David.svg/41px-Balance%2C_by_David.svg.png 2x" data-file-width="606" data-file-height="558" /></a> <a href="/wiki/Portal:Law" title="Portal:Law">Law</a></li><li class="portal-bar-item"><a href="/wiki/File:Crystal_Clear_app_linneighborhood.svg" class="mw-file-description"><img alt="icon" src="//upload.wikimedia.org/wikipedia/commons/thumb/f/f9/Crystal_Clear_app_linneighborhood.svg/19px-Crystal_Clear_app_linneighborhood.svg.png" decoding="async" width="19" height="19" class="mw-file-element" srcset="//upload.wikimedia.org/wikipedia/commons/thumb/f/f9/Crystal_Clear_app_linneighborhood.svg/29px-Crystal_Clear_app_linneighborhood.svg.png 1.5x, //upload.wikimedia.org/wikipedia/commons/thumb/f/f9/Crystal_Clear_app_linneighborhood.svg/38px-Crystal_Clear_app_linneighborhood.svg.png 2x" data-file-width="407" data-file-height="407" /></a> <a href="/wiki/Portal:Internet" title="Portal:Internet">Internet</a></li></ul></div>    </div><noscript><img src="https://login.wikimedia.org/wiki/Special:CentralAutoLogin/start?type=1x1" alt="" width="1" height="1" style="border: none; position: absolute;"></noscript> <div class="printfooter" data-nosnippet="">Retrieved from "<a dir="ltr" href="https://en.wikipedia.org/w/index.php?title=WannaCry_ransomware_attack&oldid=1253376473">https://en.wikipedia.org/w/index.php?title=WannaCry_ransomware_attack&oldid=1253376473</a>"</div></div> <div id="catlinks" class="catlinks" data-mw="interface"><div id="mw-normal-catlinks" class="mw-normal-catlinks"><a href="/wiki/Help:Category" title="Help:Category">Categories</a>: <ul><li><a href="/wiki/Category:2017_in_computing" title="Category:2017 in computing">2017 in computing</a></li><li><a href="/wiki/Category:Cyberattacks" title="Category:Cyberattacks">Cyberattacks</a></li><li><a href="/wiki/Category:Cybercrime" title="Category:Cybercrime">Cybercrime</a></li><li><a href="/wiki/Category:Hacking_in_the_2010s" title="Category:Hacking in the 2010s">Hacking in the 2010s</a></li><li><a href="/wiki/Category:May_2017_crimes" title="Category:May 2017 crimes">May 2017 crimes</a></li><li><a href="/wiki/Category:Ransomware" title="Category:Ransomware">Ransomware</a></li><li><a href="/wiki/Category:Computer_security_exploits" title="Category:Computer security exploits">Computer security exploits</a></li><li><a href="/wiki/Category:Windows_malware" title="Category:Windows malware">Windows malware</a></li><li><a href="/wiki/Category:2010s_internet_outages" title="Category:2010s internet outages">2010s internet outages</a></li><li><a href="/wiki/Category:Cyberwarfare_in_North_Korea" title="Category:Cyberwarfare in North Korea">Cyberwarfare in North Korea</a></li><li><a href="/wiki/Category:Cybercrime_in_India" title="Category:Cybercrime in India">Cybercrime in India</a></li></ul></div><div id="mw-hidden-catlinks" class="mw-hidden-catlinks mw-hidden-cats-hidden">Hidden categories: <ul><li><a href="/wiki/Category:CS1_Greek-language_sources_(el)" title="Category:CS1 Greek-language sources (el)">CS1 Greek-language sources (el)</a></li><li><a href="/wiki/Category:CS1_Romanian-language_sources_(ro)" title="Category:CS1 Romanian-language sources (ro)">CS1 Romanian-language sources (ro)</a></li><li><a href="/wiki/Category:CS1_German-language_sources_(de)" title="Category:CS1 German-language sources (de)">CS1 German-language sources (de)</a></li><li><a href="/wiki/Category:CS1_Spanish-language_sources_(es)" title="Category:CS1 Spanish-language sources (es)">CS1 Spanish-language sources (es)</a></li><li><a href="/wiki/Category:CS1_Slovak-language_sources_(sk)" title="Category:CS1 Slovak-language sources (sk)">CS1 Slovak-language sources (sk)</a></li><li><a href="/wiki/Category:CS1_Thai-language_sources_(th)" title="Category:CS1 Thai-language sources (th)">CS1 Thai-language sources (th)</a></li><li><a href="/wiki/Category:CS1_Japanese-language_sources_(ja)" title="Category:CS1 Japanese-language sources (ja)">CS1 Japanese-language sources (ja)</a></li><li><a href="/wiki/Category:CS1_Portuguese-language_sources_(pt)" title="Category:CS1 Portuguese-language sources (pt)">CS1 Portuguese-language sources (pt)</a></li><li><a href="/wiki/Category:CS1_Dutch-language_sources_(nl)" title="Category:CS1 Dutch-language sources (nl)">CS1 Dutch-language sources (nl)</a></li><li><a href="/wiki/Category:CS1_Hungarian-language_sources_(hu)" title="Category:CS1 Hungarian-language sources (hu)">CS1 Hungarian-language sources (hu)</a></li><li><a href="/wiki/Category:CS1_Swedish-language_sources_(sv)" title="Category:CS1 Swedish-language sources (sv)">CS1 Swedish-language sources (sv)</a></li><li><a href="/wiki/Category:CS1_Indonesian-language_sources_(id)" title="Category:CS1 Indonesian-language sources (id)">CS1 Indonesian-language sources (id)</a></li><li><a href="/wiki/Category:CS1_Italian-language_sources_(it)" title="Category:CS1 Italian-language sources (it)">CS1 Italian-language sources (it)</a></li><li><a href="/wiki/Category:Articles_with_short_description" title="Category:Articles with short description">Articles with short description</a></li><li><a href="/wiki/Category:Short_description_is_different_from_Wikidata" title="Category:Short description is different from Wikidata">Short description is different from Wikidata</a></li><li><a href="/wiki/Category:Use_dmy_dates_from_January_2021" title="Category:Use dmy dates from January 2021">Use dmy dates from January 2021</a></li><li><a href="/wiki/Category:Use_British_English_from_February_2023" title="Category:Use British English from February 2023">Use British English from February 2023</a></li><li><a href="/wiki/Category:All_articles_with_unsourced_statements" title="Category:All articles with unsourced statements">All articles with unsourced statements</a></li><li><a href="/wiki/Category:Articles_with_unsourced_statements_from_October_2023" title="Category:Articles with unsourced statements from October 2023">Articles with unsourced statements from October 2023</a></li><li><a href="/wiki/Category:Commons_category_link_from_Wikidata" title="Category:Commons category link from Wikidata">Commons category link from Wikidata</a></li></ul></div></div> </div> </main> </div> <div class="mw-footer-container"> <footer id="footer" class="mw-footer" > <ul id="footer-info"> <li id="footer-info-lastmod"> This page was last edited on 25 October 2024, at 17:24 (UTC).</li> <li id="footer-info-copyright">Text is available under the <a href="/wiki/Wikipedia:Text_of_the_Creative_Commons_Attribution-ShareAlike_4.0_International_License" title="Wikipedia:Text of the Creative Commons Attribution-ShareAlike 4.0 International License">Creative Commons Attribution-ShareAlike 4.0 License</a>; additional terms may apply. By using this site, you agree to the <a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Terms_of_Use" class="extiw" title="foundation:Special:MyLanguage/Policy:Terms of Use">Terms of Use</a> and <a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy" class="extiw" title="foundation:Special:MyLanguage/Policy:Privacy policy">Privacy Policy</a>. Wikipedia® is a registered trademark of the <a rel="nofollow" class="external text" href="https://wikimediafoundation.org/">Wikimedia Foundation, Inc.</a>, a non-profit organization.</li> </ul> <ul id="footer-places"> <li id="footer-places-privacy"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Privacy_policy">Privacy policy</a></li> <li id="footer-places-about"><a href="/wiki/Wikipedia:About">About Wikipedia</a></li> <li id="footer-places-disclaimers"><a href="/wiki/Wikipedia:General_disclaimer">Disclaimers</a></li> <li id="footer-places-contact"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us">Contact Wikipedia</a></li> <li id="footer-places-wm-codeofconduct"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Universal_Code_of_Conduct">Code of Conduct</a></li> <li id="footer-places-developers"><a href="https://developer.wikimedia.org">Developers</a></li> <li id="footer-places-statslink"><a href="https://stats.wikimedia.org/#/en.wikipedia.org">Statistics</a></li> <li id="footer-places-cookiestatement"><a href="https://foundation.wikimedia.org/wiki/Special:MyLanguage/Policy:Cookie_statement">Cookie statement</a></li> <li id="footer-places-mobileview"><a href="//en.m.wikipedia.org/w/index.php?title=WannaCry_ransomware_attack&mobileaction=toggle_view_mobile" class="noprint stopMobileRedirectToggle">Mobile view</a></li> </ul> <ul id="footer-icons" class="noprint"> <li id="footer-copyrightico"><a href="https://wikimediafoundation.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><img src="/static/images/footer/wikimedia-button.svg" width="84" height="29" alt="Wikimedia Foundation" loading="lazy"></a></li> <li id="footer-poweredbyico"><a href="https://www.mediawiki.org/" class="cdx-button cdx-button--fake-button cdx-button--size-large cdx-button--fake-button--enabled"><img src="/w/resources/assets/poweredby_mediawiki.svg" alt="Powered by MediaWiki" width="88" height="31" loading="lazy"></a></li> </ul> </footer> </div> </div> </div> <div class="vector-settings" id="p-dock-bottom"> <ul></ul> </div><script>(RLQ=window.RLQ||[]).push(function(){mw.config.set({"wgHostname":"mw-web.codfw.main-f69cdc8f6-f2r5r","wgBackendResponseTime":155,"wgPageParseReport":{"limitreport":{"cputime":"1.965","walltime":"2.194","ppvisitednodes":{"value":13716,"limit":1000000},"postexpandincludesize":{"value":482503,"limit":2097152},"templateargumentsize":{"value":17461,"limit":2097152},"expansiondepth":{"value":21,"limit":100},"expensivefunctioncount":{"value":8,"limit":500},"unstrip-depth":{"value":1,"limit":20},"unstrip-size":{"value":700948,"limit":5000000},"entityaccesscount":{"value":1,"limit":400},"timingprofile":["100.00% 1959.177 1 -total"," 63.03% 1234.836 1 Template:Reflist"," 29.13% 570.799 97 Template:Cite_web"," 21.55% 422.131 78 Template:Cite_news"," 5.85% 114.531 3 Template:Navbox"," 5.73% 112.341 1 Template:Hacking_in_the_2010s"," 4.99% 97.775 1 Template:Short_description"," 3.76% 73.577 1 Template:Commons_category"," 3.64% 71.354 1 Template:Sister_project"," 2.99% 58.622 2 Template:Columns-list"]},"scribunto":{"limitreport-timeusage":{"value":"1.241","limit":"10.000"},"limitreport-memusage":{"value":8113516,"limit":52428800},"limitreport-profile":[["?","240","19.4"],["MediaWiki\\Extension\\Scribunto\\Engines\\LuaSandbox\\LuaSandboxCallback::callParserFunction","160","12.9"],["recursiveClone \u003CmwInit.lua:45\u003E","120","9.7"],["MediaWiki\\Extension\\Scribunto\\Engines\\LuaSandbox\\LuaSandboxCallback::gsub","120","9.7"],["MediaWiki\\Extension\\Scribunto\\Engines\\LuaSandbox\\LuaSandboxCallback::match","80","6.5"],["dataWrapper \u003Cmw.lua:672\u003E","80","6.5"],["MediaWiki\\Extension\\Scribunto\\Engines\\LuaSandbox\\LuaSandboxCallback::formatDate","60","4.8"],["MediaWiki\\Extension\\Scribunto\\Engines\\LuaSandbox\\LuaSandboxCallback::getAllExpandedArguments","40","3.2"],["gsub","40","3.2"],["\u003Cmw.lua:194\u003E","40","3.2"],["[others]","260","21.0"]]},"cachereport":{"origin":"mw-web.codfw.main-f69cdc8f6-qjjsx","timestamp":"20241122151224","ttl":2592000,"transientcontent":false}}});});</script> <script type="application/ld+json">{"@context":"https:\/\/schema.org","@type":"Article","name":"WannaCry ransomware attack","url":"https:\/\/en.wikipedia.org\/wiki\/WannaCry_ransomware_attack","sameAs":"http:\/\/www.wikidata.org\/entity\/Q29957041","mainEntity":"http:\/\/www.wikidata.org\/entity\/Q29957041","author":{"@type":"Organization","name":"Contributors to Wikimedia projects"},"publisher":{"@type":"Organization","name":"Wikimedia Foundation, Inc.","logo":{"@type":"ImageObject","url":"https:\/\/www.wikimedia.org\/static\/images\/wmf-hor-googpub.png"}},"datePublished":"2017-05-12T16:39:01Z","dateModified":"2024-10-25T17:24:58Z","image":"https:\/\/upload.wikimedia.org\/wikipedia\/en\/1\/18\/Wana_Decrypt0r_screenshot.png","headline":"ransomware cyberattack"}</script> </body> </html>