The major story from last week was that malware built on an exploit described in leaked NSA documents crippled Windows computers worldwide. The WannaCry ransomware is believed to have hit 200,000 victims in 150 countries, including UK hospitals, utilities in Spain, and Russia’s interior ministry. Renault shut down several French factories after the cyberattack, and one of Nissan’s UK factories was also impacted.
The scale of the attack prompted Microsoft to take the highly unusual step of releasing patches for unsupported operating systems, including Windows XP. If you have machines running Windows, needless to say, you should patch them as fast as you can.
Currently the “kill switch” discovered by MalwareTech appears to be holding, although it seems reasonable to assume that variants of the virus without the kill switch will begin circulating soon, and indeed Danish security firm Heimdal Security believes they already are.
In the wake of the news, Microsoft’s president and chief legal officer Brad Smith took to the company’s website to give a post mortem of the attack citing lessons that need to be learned. Whilst accepting Microsoft’s share of the blame, Smith suggested that the bulk of the responsibility for the massive cyberhack lies at the feet of government agencies.
…this attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.
Smith goes on to renew Microsoft’s call in February for a new “Digital Geneva Convention”:
to govern these issues, including a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them. And it’s why we’ve pledged our support for defending every customer everywhere in the face of cyberattacks, regardless of their nationality.
In this context it’s perhaps worth remembering that last year Apple came under tremendous pressure to create a special version of iOS for the U.S. government, under the promise that it would never escape their safe hands and get into the wild. Among those applying that pressure was presidential hopeful Donald Trump.
The malware seems to have not proved hugely profitable for its owners so far. The BBC reports that "analysis of three accounts linked to the ransom demands suggests only about $38,000 (£29,400) had been paid by Monday morning."