Massive ransomware attack across multiple jurisdictions highlights the need to keep up to date with cyber security

May 13, 2017 |

Ransomware attacks are hardly a new phenomana.  In internet terms it is a middle aged form of malware.  I have been writing about it for some years (see here, here, here, here, here, here and here for example).

Courtesy of a Microsoft vulnerability, hackers using the WannaCry ransomware have attacked thousands of locations throughout the world. At this stage there have been 75,000 attacks across 99 countries.  Organisations which did not apply a patch Microsoft released in March were vulnerable.  Unlike most ransomware this malware does not require entry via an attachment clicked by a human operator.  It is deployed via a worm which means that it spreads along and between networks which are equally vulnerable.  Hence the simultaneous attacks across the world.  It is more than a little ironic that the malware was hacked and stolen from the United States National Security Agency which had developed a tool, EternalBlue, to exploit a zero day weakness it found in Microsoft systems.

The problem is not the ransomware.  Ransomware, along with other forms of malware, will always exist.  The attacks occurred to systems which were not patched even though the vulnerability was identified and  a solution was provided.  Organisations which were hit had poor cybersecurity practices.  It is not surprising that hospitals and health systems were badly affected.  It is almost a truism that hospitals and health systems, which hold the most sensitive data, are almost fatalistically reckless in securing their data.

The dilemma for organisations is what to do if struck by a ransomware attack.  Pay or not?  Some experts advise against paying.  Probably good advice as a starting point but if an organisation has not backed up its data on an external hard drive or in the cloud there is a real chance it will not function.  Then the question of whether 300 bitcoins is worth keeping a business afloat.

One Response to “Massive ransomware attack across multiple jurisdictions highlights the need to keep up to date with cyber security”

  1. Massive ransomware attack across multiple jurisdictions highlights the need to keep up to date with cyber security | Australian Law Blogs

    […] Massive ransomware attack across multiple jurisdictions highlights the need to keep up to date with … […]

Leave a Reply