The massive WannaCrypt ransomware attack that hit the world this weekend has highlighted a number of burning issues that need to be addressed.
Apart from the need for organisations and individuals to keep their systems patched, up-to-date and backed up, the more sinister practice of governments commissioning and hoarding exploits puts every computer user at risk. The WannaCrypt attacks used a exploit that was stolen from the NSA.
Brad Smith, president and chief legal officer of Microsoft, points out that back in March the company issued a patch for the vulnerability exploited by WannaCrypt and even made patches available for versions of Windows that are no longer supported.
“This attack demonstrates the degree to which cybersecurity has become a shared responsibility between tech companies and customers,” he says. “The fact that so many computers remained vulnerable two months after the release of a patch illustrates this aspect.
“As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems. Otherwise they’re literally fighting the problems of the present with tools from the past.
“This attack is a powerful reminder that information technology basics like keeping computers current and patched are a high responsibility for everyone, and it’s something every top executive should support.”
Significantly, the attack is an example of why the stockpiling of vulnerabilities by governments is a problem, Smith adds.
“This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.
“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen.
“This most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organised criminal action.”
Smith believes the governments of the world should treat this attack as a wake-up call. “They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world. We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits.”
The WannaCrypt attack has been stopped for now – by accident, by a UK-based researcher who registered a domain that co-incidentally used the IP address that the malware was using to respond to sandboxed PCs.
In the meantime, Kaspersky Lab has stated that its cyber-security experts are trying to determine whether it is possible to decrypt data locked in the attack – with the aim of developing a decryption tool as soon as possible.
Eset advises users to protect themselves against this threat and others by doing the following:
- Install anti-malware software – this will give you a fighting chance at stopping this before you are affected
- Update your windows machine – don’t ignore the security update they exist for a reason. For businesses patches can be very difficult to get deployed across the entire network, but can stop exploits from gaining a foothold.