Author: Zachary Goldman and Damon McCoy / Source: TheHill
Individuals and institutions affected by the WannaCry ransomware attack face a Hobson’s choice—the malicious software (malware) encrypts a user’s documents while the decryption keys remain in the hands of the cybercriminals. Victims of the attack can either pay the hackers for the release of their files, feeding the profit motive that generates attacks like this in the first instance, or refuse to do so and permanently say goodbye to their computers.
In this instance, the WannaCry attackers generally have not decrypted files after victims sent payment, making it an easy choice not to pay. But as a public policy matter the WannaCry ransomware attack raises an equally thorny set of challenges, implicating technical questions surrounding the best ways to curtail the spread of this kind of malware, national security and intelligence policy, and corporate incentives to implement software updates. All of these challenges are taking place in a global context. In many ways, the WannaCry ransomware attack embodies the challenges and paradoxes of cybersecurity policy today and illustrates why sustainable solutions are difficult to achieve.
The WannaCry ransomware used a vulnerability in older versions of Windows that allowed an infected computer to remotely compromise other network-connected computers. This worm-like propagation of the malware allowed it to infect hundreds of thousands of computers connected to the internet in less than an hour after the initial infection. These kinds of worms were fairly common from 2008-2011 and millions of computers were often infected by them.
The broad propagation of the malware was accelerated by the fact that many of the companies that were affected had not implemented patches that were widely available. This dynamic reflects two intertwined challenges—the first is the widespread failure to implement the fix for this particular software vulnerability that Microsoft released in March. The company appears to have been notified of the vulnerabilities in January, presumably by the U.S. intelligence community shortly…
Click here to read more