The ransomware cyber-attack that occurred on May 12, 2017, has wreaked global havoc as computers using the Microsoft Windows XP and 2003 operating systems had their data encrypted by unknown perpetrators who demanded victims pay a ransom for their data to be decrypted.
To date, cyber security experts and researchers have no definitive leads as to who might have carried out the attack, but what is known is that the incident, dubbed “WannaCry” because it is based on the WannaCrypt ransomware worm, is the biggest cyber-attack in history.
Ransomware is a form of malicious software that encrypts data stored on computers and other devices preventing legitimate users from accessing it. Usually used by cyber criminals, ransomware is a popular means of making illicit money from victims who have to pay the criminals in order to have their data decrypted. It is not uncommon for the data to remain encrypted even after the victim has paid up in full.
To complicate matters further, criminals who use ransomware often ask to be paid in Bitcoin or other forms of cryptocurrencies so that payments by victims cannot be traced by law enforcement and intelligence agencies. For many victims, finding and paying in Bitcoin is a task that is beyond them.
Over 100,000 government and private sector organisations in over 150 countries, to include hospitals, factories, businesses, and government departments have been affected though so far the Middle East has managed to avoid any serious disruption.
Computer Emergency Response Teams (CERT’s) in the United Arab Emirates, Saudi Arabia, Jordan, and Turkey have so far reported minimal damage from the Wannacry ransomware. Egypt convened its High Council for Cyber Security to review the situation there, and Israeli authorities also reported minimal damage to their systems. The only regional country that seems to have been affected is Iran, where it has been reported that up to 2000 computers were impacted. Some of these computers were used by Iranian hospitals.
It appears that the Middle East region avoided serious damage and disruption because of the timing of the attack. The first WannaCry attack was reported at 4:07pm Greenwich Mean Time (GMT) on Friday, May 12. In the Middle East region Friday is the Holy Day in Islam and the Sabbath in Judaism is on a Saturday. Further, given the time difference from GMT, Israeli government departments and businesses would have closed for the weekend by the time the WannaCry attack had began. This means that most government departments and businesses in the Middle East were closed, possibly averting mass disruption in a region where the use of Windows XP and 2003 operating systems is prevalent.