Last Friday, the world was taken hostage by a ransomware that crippled systems from the U.S, to Britain, to Russia, to China, and anything in between. WannaCrypt, the ransomware, took hold of vulnerable machines through a security flaw, locked all of the data on that system, and requested users to send $300-$600 to a digital account to regain access to their data.
The ransomware crippled digital patient systems in Great Britain’s hospitals, systems of Russia’s and China’s major universities, and some systems inside of the United States. Before the ransomware could take a hold of a large number of systems in the U.S., a British researcher known as “MalwareTech” identified a possible kill switch for the ransomware. He bought one of the domains the ransomware was using to spread, and dumped it into a server intended for malware dissection, effectively killing the ransomware. The creators of this ransomware, WannaCrypt, made a fatal flaw in their code, allowing “MalwareTech” to effectively kill the ransomware. However, it did not help all of the machines that had already been infected, or those that had already paid to have their data unlocked. Paying the fee does not guarantee that victims data will be unlocked, and it is easy for hackers to continue asking for money to release the data, and then never unlock it.
If anything were to come out of last week’s attack, it’s the realization that we need to work together as a world to prevent this kinds of wide scale attack. This attack could have only been a test to see how the world would respond to such a devastating digital attack. Just because this attack was more focused on getting money, that doesn’t mean a similar attack wouldn’t focus on data collection to sell personal information. Rumors are pointing to this ransomware being stolen from the NSA, and released on the deep web for someone to modify and use. Now, that cannot be confirmed, and it probably never will.
As a world, we need higher expectations from software creators. A major vulnerability for the spread of this ransomware came from outdated security in Microsoft’s Windows XP. Companies need to be held accountable for their publications of major operating systems, and at the very least be forced to patch security for all of their software to avoid security flaws, that ransomware could use to spread itself. Because Microsoft stopped supporting Windows XP back in 2014, the operating system did not have updated security patches, and after the attack, Microsoft issued a patch recognizing the flaw with its own software.
We are at an interesting time. If our world does not learn to work together and hold people accountable, the world is going to lose. Without standards and expectations for software security, the personal data of anyone is at risk to be stolen and auctioned off for another person’s benefit.