Anatomy of the Attack
Based on reports thus far, the attack is believed to start when someone falls victim to a phishing email or malicious website. Once the ransomware, known as WannaCry or WannaCrypt, begins running on the victim’s system, it starts encrypting the victims files and it looks for systems on the network that have an unpatched Windows SMB vulnerability.