An affiliate of the notorious Russian-linked REvil gang infected thousands of victims in at least 17 countries on Friday. Researchers say REvil was demanding ransoms of up to $5 million.
If you're planning a multi-million dollar ransomware attack, there's really only one way to collect - with cryptocurrency. It's fast. It's easy. Best of all, it's largely anonymous and hard to trace.
The linchpin to retrieving $2.3 million, half the company's payment, was gaining access to the private key linked to the attacker's Bitcoin account. Here's how authorities may have gotten it.
Russian spies have penetrated U.S. government computer networks. Russian criminals have hit the U.S. gasoline and meat supplies. Can the president figure out how to stop the non-stop intrusions?
NPR's Mary Louise Kelly speaks with Colonial Pipeline CEO Joe Blount on the ransomware attack on the pipeline's network and the decision to pay the hackers the $4.4 million ransom.
The attack on Colonial Pipeline has focused new attention on a potentially radical proposal to stem the growing threat posed by ransomware: making it illegal for victims to pay their attackers.
Hackers say they've seized computer records from the Washington, D.C., police and are demanding ransom. As ransomware groups keep getting more sophisticated, law enforcement is struggling to keep up.
Baltimore is just the latest municipality hit with a ransomware attack. Residents can't use the city servers they need to purchase homes, pay online bills or email city workers.
U.S. Attorney Byung Pak says Faramarz Savandi and Mohammed Mansouri were behind the cyber extortion scheme that crippled many of the city's computer systems in March, causing millions in damages.
The FBI says the practice of locking computer systems in exchange for money has become increasingly common, and that cities, schools and hospitals are especially vulnerable to hackers.
The deadline to pay off the hackers who have crippled many of the city's online services is fast approaching. It's uncertain whether the city will pay to save its data; it may even be too late.
The Justice Department alleges Marcus Hutchins, who is said to have short-circuited WannaCry's global attack, created another malware program. His supporters say DOJ couldn't be more wrong.
Although the virus that spread through government and commercial computers Tuesday looked like ransomware, cyber experts say it was a "wiper" intended to erase data and disrupt business.
"The [WannCry] attack is a wake-up call for all of us," Microsoft's president wrote about last week's incident. How many times have we heard cyberattacks described this way? Let's look back.
The president is accused of leaking "highly classified" information in a meeting at the White House with Russian officials. Trump is admitting to giving them information and defending it.
Microsoft President Brad Smith calls for a "Digital Geneva Convention" under which governments would set limits on the creation of cyberweapons, just like they did for nuclear weapons.
A Homeland Security official says that so far, "the U.S. is still in a relatively good place." But because of the malware's success, it is being tweaked to foil attempts to stop its spread.
The NSA's losing control of the software behind the WannaCry cyberattack is like "the U.S. military having some of its Tomahawk missiles stolen," Microsoft President Brad Smith says.
The latest global cyberattack is believed to be the biggest extortion attack recorded, with more than 200,000 people affected in 150 countries. But ransomware has been around for years.
A computer virus that may be an inconvenience for another business leaves hospitals unable to effectively care for patients. Cyberattacks have left 14 U.S. hospitals without access to critical data.
