On Friday 12th of May 2017, the largest cyber attack in history took place. Over 74 countries saw government systems held ransom by online thieves. Among the affected were the British NHS, which was all but shut down for several hours and had vital services shut down for more than a day.
The attack was a so called Ransomware, a kind of virus that encrypts (or “locks”) important documents and files and tells the user they have a certain amount of time (often only a few hours) to pay a rather hefty fee, or the files will be deleted. If payment is done, there’s still no guarantee that you’ll get your files back and sometimes the hackers will try to ask for even more money.
Some very advanced (and expensive) anti-virus programs can clean it up for you, but other than that you should really rely on prevention methods instead. So, could this attack have been prevented?
The short answer is yes. The long answer is that the attack was possible due to two key components.
First was that Microsoft alerted its users about a serious security breach that had been patched two months prior to the attack. This is the very breach that enabled the hackers to access the computer systems and install the virus. So if the affected government departments had prioritized the IT department a bit more, instead of cutting it down, this would have been prevented by a simple Windows Update.
Second was that the US National Security Agency (NSA) had been working on a top secret piece of software that opened up a back door in Microsoft Windows, allowing them to peek inside any computer running Windows. This software got stolen from them by hackers several months before the attack. These are the same hackers that performed the attack. NSA did not inform the public until a few months later, at which point Microsoft immediately patched up this back door. This back door was the security flaw Microsoft was talking about. So if NSA had not tried so hard to invade people’s privacy or had alerted the public a lot sooner, this attack would have been prevented.
I hope this is a wake-up call for governments and citizens alike. IT security and online privacy are important components in our everyday life and when government agencies try to invade that privacy or neglect their own security, it leaves them open to this kind of attack. There is no telling how long the hackers have had access to the affected systems, but it have to have been some time in order for them to release all the ransomware at once like that. We cannot know right now if they have accessed information while they were in these systems, information they can sell for nefarious reasons later. There’s a lot you can do if you have the patient journals or prescription history of an entire nation and a lot of people would pay a lot of money to get their hands on that information.
So do yourself a favour, update your operating system and the software you use on a regular basis, ask your employer to do the same. Ask your government to stop trying to peek into your computers and ask your agencies to stop downsizing their IT departments.