The effects of last weeks ransomware attack are still lingering. The world-wide attack reportedly hit 300,000 pc’s, telecoms, major companies, governments and even hospitals. Some people and organizations have paid up, while others are refusing to pay and losing their data. Almost everyone who has been affected, though, is speaking out about how we let this happen.
We didn’t exactly invite the WannaCry ransomware into our homes, offices and businesses — but we didn’t totally prevent it from coming in, either. While there are the somewhat passive consumers and businesses who just didn’t update their systems to protect against these new attacks, there are government officials who actually called for the opening of back doors that let this happen.
Officials within governments, like the United States, have called on technology companies to leave these backdoors open to gain evidence and prosecute suspects. For example, according to USA Today, the now former FBI Dir. James Comey recently said there should be “a framework, for when government access is appropriate.”
But experts warn this isn’t foolproof. “Even if you design backdoors with the goal of only allowing access by law enforcement, as a practical matter there’s no way to ensure that the bad actors don’t gain access,” Neema Singh Guliani, legislative counsel with the American Civil Liberties Union told USA Today.
And today, we know there’s truth to this sentiment, as the WannaCry ransomware attack is being traced back to stolen, classified National Security Agency information as part of a U.S. cyber-attack arsenal. The NSA won’t admit it, but Microsoft and others are pointing the finger at the NSA and FBI who they say are “stockpiling” these vulnerabilities instead of reporting them.
If there’s only one thing to take away from all of this, it is the fact that this global malware spread shows just how inadequate people, businesses and even governments are in cyber security. And we don’t just mean those ‘passive’ victims. Telefonica, for example, is a major telecom player with powerful and sophisticated systems, yet they found themselves at the hands of WannaCry, too.
As our Chief Technology Officer Rutger Bevaart points out, this malware showed us that there’s a lot more the world needs to learn. “This is the first ransomware software of its kind that is able to move across your network and infect other systems all by itself. We’ve had worms like Stuxnet that did just that, but we’re looking at a whole new generation here. This is just the beginning.”