Anyone with media access of any kind is aware the internet apocalypse has begun and it’s making everyone WannaCry. Most people have been focused on the technical side of the attack, how it will change, where it came from, and when it will stop. While all of those are valid concerns and are certainly interesting, it doesn’t address the larger problems for businesses which are their reputation, future attacks, and protecting themselves going forward.
How the World Will End
WannaCry is a cyberattack which began on May 12, 2017. It has brought international attention to the trend of hackers ransoming user’s information. This is similar in concept to kidnapping a person and then forcing family or an employer to pay for their safe return except with a scalable platform that has the potential to be far more lucrative with less effort. No need to organize a large group attack, hold the prisoner captive, or worry about the exchange.
Users are in control of their own hardware the entire time; the computer sits in front of them as they watch a countdown timer tick down to the elimination of all their data. This could include a completed manuscript, family photos, health data, or nuclear research depending on what computer was infected. When pay or lose it all are the only options, a significant number of victims will choose to pay.
With the right ransomware worm, it is impossible to infect hundreds of thousands of computers within a short period. With the WannaCry attack, the hackers have made about $100,000 in a single week. Since the hackers are only accepting payment from Bitcoin, the money isn’t traceable and their risk is dramatically reduced. It’s a win for them no matter how you look at it and it is how the world wide web as we know it will end.
WannaCry is a Marketing Nightmare
It’s easy to imagine the IT department of any infected business being devastated but the real challenge going forward is going to be with the marketing department.
This attack targeted large entities such as government controlled healthcare, schools, hospitals, and corporations because many of them use Microsoft Windows and rely on the ease of sharing files via Server Message Block (SMB). This makes it really easy to get that report, case file, or Power Point to the appropriate people but it also provides convenient access for hackers to distribute their own files throughout a network.
The obvious problem for a company is having their data tied up for an indeterminate amount of time. Without it they may not be able to function effectively, lose sales, and damage customer relationship. But that’s only part of the nightmare.
The real issue will come when people begin to realize that while their personal data wasn’t stolen this time, that’s only because of the nature of the attack. Their surgery wasn’t cancelled and they didn’t receive the wrong medication because it wasn’t part of the coding. This time. But a company they have trusted with their business and possibly even their well-being was effectively hacked and now the trust which had been firmly established is in question. This is the real nightmare.
Companies have two realistic choices when hit with a ransomware attack. Either pay and recover the data or roll the dice and hope for the best. Either choice results in a loss and that is the paradox.
By paying the ransom they are announcing to the society of hackers they are not only vulnerable to attack but also a willingness to pay to regain control. This will inevitably lead to more hackers attempting to gain access and ultimately demanding money to go away.
Choosing not to pay results in the loss of client data. The best-case scenario is the data is lost to both the company and the hackers. The worst resolution would be for the hackers to receive the data. While that wasn’t possible with this worm, as far as we know, it could be with the next.
Did you know Microsoft released a patch for Windows 10 in March that protected computers from the WannaCry attack? That isn’t the most popular operating system, however. The most popular system is Windows 7 which is used by about half the computers in use internationally but Microsoft rolled out the release for it at the same time. No, it wasn’t one of those quiet little updates. There was a significant amount of press. To be fair, they didn’t issue a fix for XP, which was initially released in 2001, until after the attacks and they have received some pushback for that decision. Ultimately, Microsoft did a killer job of offering a bug spray for this particular bug. People just couldn’t be bothered to pick up a can and spray.
This is the real problem hiding behind the WannaCry outcry. It isn’t that there are bad people who can do bad things to our computers and network infrastructures. There have always been bad people looking for easy ways to do bad things.
This isn’t an attempt to victim blame. However, there is a difference between blaming the victim and pointing out that a company, government, or school is not doing what it takes to reasonably protect their own data. Anyone with a smartphone knows to get the most out of your hardware you need to download the updates to your operating system and favorite apps or you don’t get all the cool new features. They also know you should backup your pictures and other data in case your phone gets dropped into boiling water during dinner preparation.
If the victims in this attack had done either of these things, they would have been immune to this attack. Will it prevent every attack going forward? Probably not, but it will certainly reduce the severity of the outbreaks and provide a better defense strategy than working on software that is more than a decade old and never implementing a backup protocol.
Make no mistake there will be more attacks going forward. According to Anthony Khamsei, CEO of IT-security consultancy Gold Security, “Things are probably going to get worse before they get better.” The WannaCry attack was made possible due to exploits leaked by hacking group The Shadow Brokers who plan to continue releasing information in June. He explained, “If any more of these vulnerabilities are made public they could soon find their way into existing malware.”
WannaCry isn’t the problem, it’s a symptom pointing at a much larger and scarier problem. It is a harbinger of sorts, clearly announcing the increased importance of having IT security become the dominant focus of all departments, including marketing.