'WannaCry' cyber attack shows need for 'Digital Geneva Convention'

Isaac Cain
May 19, 2017

A screenshot of the warning screen from Friday's ransomware attack.

"There are so many states that have been affected".

Researchers who tracked the bitcoin addresses hardwired into the malware found that tens of thousands of dollars had been paid before the spread of the virus was halted by a cybersecurity expert who accidentally found a flaw in WannaCry.

The culprits used a digital code believed to have been developed by the US National Security Agency - and subsequently leaked as part of a document dump, according to researchers at the Moscow-based computer security firm Kaspersky Lab. The fact that it only works against old Windows systems shows that it is specifically directed against civilian infrastructure, such as public sector networks that are often administered cheaply, by overworked and less qualified information technology professionals, on obsolete hardware, with software that won't run on Windows 10. "We expect this is a small operation that is undertaking this. They've been able to manage through it".

Keep security software up to date. But Cyberdome warns that there are chances for a more risky attack.

Qihoo 360, one of China's leading suppliers of anti-virus software, said on Sunday that at least 29,372 institutions ranging from government offices to ATMs and hospitals had been "infected", singling out universities as particularly hard-hit. ".@NSAGov's choices risked permitting low-skill criminals launch government-scale attacks, and then it happened", Snowden tweeted on Saturday. "On China's most prestigious college campuses, students reported being locked out of their final papers". Victims ranged from the mundane - a Norwegian soccer club lost its ticket-selling website - to the essential: The British National Health System lost use of digital services throughout many of its hospitals, slowing routine procedures like processing payments and imperiling patients by locking out access to records. Power utilities also reported problems.

"This attack demonstrates the degree to which cybersecurity has become a shared responsibility between tech companies and customers", Smith said in his blog post.

The identity of whoever deployed the software remains unknown.

"An equivalent scenario with conventional weapons would be the USA military having some of its Tomahawk missiles stolen".


Theft of the software was reported in April, when it was published by the Shadow Brokers, a group that has been linked to the Russian Federation. And while Microsoft had already released a security update to patch the vulnerability one month earlier, the sequence of events fed speculation that the NSA hadn't told the US tech giant about the security risk until after it had been stolen. And while other attackers might use the same flaw, such attacks will be steadily less successful as organizations patch it.


On top of that, critics say, the government didn't notify companies like Microsoft about the vulnerabilities quickly enough.

MalwareTech, whose name was revealed in United Kingdom media to be 22-year-old Marcus Hutchins, was hailed as an "accidental hero" after registering a domain name to track the spread of the virus, which actually ended up halting it.

The kill switch works by checking whether a particular web domain exists; when it does, the malware stops spreading the infection.

While many Americans are genuinely concerned about cybersecurity, few fully understand exactly how viruses like WannaCry work and how they may be at risk. "There is going to have to be change at levels where change can be made".

The new infections were largely in Asia, which had been closed for business when the malware first struck.

It's easy to say everyone should be vigilant, install every patch released and, preferably, never miss an operating system update. Those include a known and highly unsafe security hole in Microsoft Windows, tardy users who didn't apply Microsoft's March software fix, and malware created to spread quickly once inside university, business and government networks.
