But WannaCry remains a puzzle, in part because some of its elements seemed amateurish. Salim Neino, CEO of the Los Angeles-based security firm Kryptos Logic, said the WannaCry worm was “poorly designed” — patched together and consisting of a “sum of different parts” with an unsophisticated payment system.
Typical ransomware also generates a unique bitcoin account for each payment to make tracing difficult. That wasn’t done here.
DIGGING OUT
One of the organizations hardest hit by WannaCry — the U.K.’s National Health Service — appears to be recovering. On Friday, many NHS hospitals had to turn away patients after WannaCry locked up computers, forcing the closure of wards and emergency rooms.
NHS Digital, the body that oversees cybersecurity in Britain’s health system, said that as of now, it has “no evidence that patient data has been compromised.” The agency told hospitals to disconnect all infected computers, apply a Microsoft patch that closes the vulnerability, then “roll back” the infected computers and restore them from backed-up files.
