This weekend, military intelligence software stolen from the NSA was used to hold ransom the data of businesses, government agencies and Britain’s healthcare system and this cyberattack has just begun. This virus has so far affected 200,000 computers in 150 countries making it the largest ransomware attack of all time. Only one Australian user has been hit so far by this ‘WannaCry virus’ but with the attack still spreading and with businesses logging on on Monday morning, your cybersecurity should be on high alert.
The 1st Thing: Protect Yourself Now
This cyberattack is happening right now—it is predicted to bloom as people log on this Monday morning so you need to:
- Backup your files. This virus acts by scrambling your files and then demanding a ransom of 300–600 USD to unscramble them. If you have your files backed up, then at least you are safe from losing your data (but not your computer).
- Update to the latest version of Windows. This may involve spending money—but for security against the latest viruses you should always be using the latest OS. This virus works by exploiting an insecurity in Windows. Microsoft has released a patch for even some of its unsupported versions dating back 14 years so at the very least, ‘Restart and Install Updates’.
- Have Antivirus software running. Our favourite free Antivirus is Avast.
The Cyberweapon Computer Virus
This is the first real case of a military cyberweapon being stolen by hackers and being used as a hacking supertool. It’s an event that many have feared since the advent of cyber-warfare and it does not bode well for things to come. That external agents could infiltrate the NSA and steal some of their super-advanced code comes as a great shock to the entire world and it triggers the familiar fears of high-tech government weaponry: that after we develop them, they could be copied and used against us. This fear is far more real with regards to cyberweapons than it ever was with missiles, gasses, etc. in the past.
How Did This Happen?
One year ago, there were news reports that a group called the ‘Shadow Brokers’ had stolen files from the NSA and were auctioning them online. They released one free download of files—a plethora of infiltrating and hacking programs, but then another folder of “best files” that they aimed to sell for at least $1 million. Supposedly this contained the powerful cyberweapons.
But . . . the cyberweapon goodybag didn’t garner much interest (Bitcoins). It may have been partly due to the way they conducted this auction. Bidders submit Bitcoins to their wallet and the highest bidder gets the files (decryption key), whereas the others don’t get their money back.
Then last month the same group released another set of files. This set was released as a “form of protest” after losing faith in the leadership of President Trump. They declared this in a Medium article here and actually, the hacking community’s backlash after the Syria Strike is something that everyone was just waiting to happen. But—the way they did it—just releasing dangerous files into the public domain was the worst possible way—the most possible innocent victims.
Which brings us back to this current cyberattack. Either there were winning bidders for their stolen files or they used their files themselves, because the code leaked by the Shadow Brokers was used to create this ransom virus that is multiplying across the internet.
Should I Panic?
If you don’t have $300, then not yet, because people including the US government are working on this. Even if you have the money, it is recommended for ethical reasons not to pay it yet until a solution may arise.
Also, if you are too poor to pay it, Shadow Brokers will be holding “free events” for you guys. (It says that in the ransom note.) I would want to go that, seriously what will that be like???
The #1 Question in Cyberwarfare: Who Is The Most Advanced?
The disturbing thing about the WannaCry virus is that NSA cyberweapons are being used against big and small businesses, the German transport system and even public hospitals—causing patients to be delayed and rescheduled. The web has started to become a new battleground—and one with very real-world victims. These new weapons have made that a reality for all people and organisations connected to the web. The only way to survive is to stay ahead.
Cyberwarfare is basically a game of cat-and-mouse between cyberweapons and cybersecurity. The problem is, that it’s hard to defend against something before it exists, so cyberweapons are often a step ahead. But, one of the main assurances in the past has been that the US government is always a step ahead of the cyber-criminals. Because independent groups are no match for the vast resources of the US. But . . . these software leaks are raising serious concerns. If cybercriminals become just as advanced as the US government—and they attack—then they may pervade the most crucial defences. Should the NSA be focussing more on cybersecurity than cyberweaponry?