From WannaCry to Building My Own Ransomware Lab: A Defensive Cybersecurity Journey

In 2017, the world witnessed one of the most disruptive cyberattacks in modern history: the WannaCry ransomware attack . Within hours, hospitals, telecom companies, transportation systems, and businesses across more than 150 countries were locked out of their own systems. The attack exploited a Windows vulnerability and encrypted user files, demanding Bitcoin in exchange for recovery. But beyond the headlines and chaos, one question stayed with me: How does ransomware actually work under the hood? Not from a news article. Not from a YouTube explanation. But technically, structurally and cryptographically. That question led me to build a controlled educational project: Ransomware-Lab . This article explains why I built it, how it works, and what I learned from simulating encryption-based attacks in a safe, isolated environment. Why Study Ransomware? Understanding offensive techniques is essential for defensive cybersecurity. Ransomware typically: Scans for files Encrypts them using stro