WannaCry: Threat remains, privacy versus security is over
For anyone using computers in their business or organization, consider May 12, 2017 your wake-up call. That’s when what is believed to be the largest cyberattack in history occurred, affecting computers in 150 countries around the world. WannaCry, a piece of malicious software, spread through an email link and encrypted local files, demanding a ransom of $300 US in Bitcoin to release the files.
The cyber attackers used a stolen hack that the United States’ National Security Agency (NSA) had developed to gather intelligence by exploiting a flaw in Microsoft’s Windows software.
Jacob Ginsberg, senior director of products for Echoworx, has this advice to offer about how the risk of similar attacks can be minimized or mitigated.
What shortcomings in government and business approaches did this attack expose?
This is a direct result of policy we’ve seen carried out and it’s time that policy changed. The relationships between government and the private sector have been adversarial and they have not worked collaboratively.
The United States government hoards vulnerabilities and chooses to exploit them, rather than reporting them to manufacturers (the NSA informed Microsoft of the flaw only after the hack was stolen). These hacks are weapons. Government and intelligence agencies are playing a risky game. They’re betting that the value in keeping these vulnerabilities exposed – so they can spy and attack who they want – outweighs the risks of keeping their citizens and infrastructure in harm’s way – but it’s a game they are not going to win every time.
We need to recognize that the narrative of privacy versus security is over. We need more cooperation between the public and private sectors. The security community has good advice to offer. In the WannaCry case, the intelligence community, the security community and Microsoft did the right thing. Everyone descended on the problem and worked together to fix it and mitigate the damage.
There is a tie between technology and society and things we rely on. People can get seriously hurt due to cyber threats. Because of this attack, for instance, patients in England had operations cancelled. We need to work together to secure our countries and infrastructure. There needs to be a different relationship between public and private interests.
How can I protect my organization from attacks like this?
The WannaCry attack is something an organization could have prevented. Out-of-date software was the issue. Having updated software and the latest fixes is important advice.
While it’s tempting to ignore notices that ask you to update your software and operating system, don’t do that. Although Microsoft offered a patch in March that dealt with the vulnerability behind WannaCry, many organizations didn’t use it, hadn’t updated their software, or had operating systems that were old and no longer supported. Microsoft did issue a patch for older systems in this case, but that rarely happens and may not again.
Use encryption software to ensure your data is protected and educate staff about proper email procedure. The old arguments that encryption software is difficult to use or slows things down no longer apply.
Have clear policies regarding access and authorization to information. This is for everyone from large Fortune 500 companies to the average Joe.
Is the threat over for now?
We’re kidding ourselves if we think it won’t happen again. Technology is infiltrating every aspect of society. We all bank online, for example. If things like this hack persist in the wild, they can be used by terrorist groups or organized crime.
We had better learn from this because you better believe they (cyber attackers) are. It’s a constant cat and mouse game and the bad guys are taking notice. Consider this your wake-up call!
By Lorena Magee, VP Marketing, Echoworx