GSN_Apr_FINAL+links

Cyber Threats & Solutions
Cybersecurity executives ‘Wannacrypt’ ransomware
attack a wake-up call for industry, government leaders
By Steve Bittenbender
Editor, Government Security News
The ransomware attack that plagued
the globe on Friday must serve as a
“wake-up call” to both industry and
government leaders that the time for
urgent action is now. That’s how one
of Microsoft’s top executives reacted
to the “WannaCrypt” attack that
targeted computer systems in various
industries worldwide, including
healthcare and government systems.
“WannaCrypt,” also dubbed
“WannaCry,” was a ransomware attack
that paralyzed hospitals in Great
Britain and even FedEx in the United
States, although the attack seemed
to focus mainly on Russian servers
based on information provided from
Kapersky Labs. A ransomware attack
is where a hacker encrypts files and
threatens to destroy the data if the
ransom – in the case of “WannaCrypt,”
it was at least $300 in Bitcoin
– is not paid within a certain time.
In a Sunday blog post on Microsoft’s
Web site, company President
and Chief Legal Officer Brad Smith
said the hackers used material stolen
from the National Security Agency
Brad Smith
to perpetrate the attack. The NSA
breach had been previously reported,
and, in March, Microsoft released
a patch to its users to protect
them from an attack. While some users
updated their systems, others did
not, and they were the ones scrambling
on Friday.
The ransomware attack
“demonstrates the degree to
which cybersecurity has become
a shared responsibility
between tech companies
and customers,” Smith said.
“The fact that so many computers
remained vulnerable
two months after the release
of a patch illustrates this aspect. As
cybercriminals become more sophisticated,
there is simply no way
for customers to protect themselves
against threats unless they update
their systems. Otherwise they’re literally
fighting the problems of the
present with tools from the past.”
Dan Matthews, a sales engineer
with Lastline, said network managers
had another option to prevent the
attack if they were not able to get the
patch installed in time.
He, like other experts, said the ransomware
attack served as an important
reminder of being proactive in
managing cybersecurity risks.
“In practice things are often more
complicated and there are legitimate
reasons for needing more time to
implement a patch,” Matthews said.
“Organizations who are unable to
deploy Microsoft’s (or other
software vendors’) critical
patches in a timely manner
can instead implement advanced
email and network
protections that are capable
of detecting ransomware
and preventing the delivery
of these payloads to unpatched
computers.”
Ofer Israeli, CEO and founder of
Illusive Networks, said he expects
hackers will continue to use the stolen
NSA material for other attacks.
“In this case, we are seeing an opportunistic
ransomware operation,
but we can expect the exploit is already
being used for surgical targeted
attacks, the outcome of which will
only be revealed in a few months,
due to the time it takes to execute
a sophisticated targeted attack,” he
said.
Brian Lord, OBE, managing director
for British-based PGI Cyber, said
the attacks were “always inevitable.”
Lord also echoed Smith’s comments
on this being a wake-up call.
“While organizations are distracted
by high profile dramatized threats,
such as Russian election hacking,
they are neglecting basic cyber hygiene
measures which can prevent
the mass effectiveness of mass ransomware
attacks like this,” said Lord,
the former director of deputy director
for intelligence and cyber operations
for Britain’s Government Communications
Headquarters.
Smith added that it’s time government
leaders readdress their
cybersecurity policies, as attacks
like “WannaCrypt” are becoming
an emerging problem this year. He
equated the NSA losing its coding to
the military having a few Tomahawk
missiles taken.
“This is one reason we called in
February for a new ‘Digital Geneva
Convention’ to govern these issues,
including a new requirement for
governments to report vulnerabilities
to vendors, rather than stockpile,
sell, or exploit them,” Smith said.
“And it’s why we’ve pledged our support
for defending every customer
everywhere in the face of cyberattacks,
regardless of their nationality.”
40 41
GSN’s 2017
Airport/Seaport/Border Security Awards
Now Including Cybersecurity Solutions for Airport, Seaport,
Border Security Markets
All Winners in this program are
entitled to a Full-Page Advertisement
(8.5” x 9.0”) in your choice of GSN’s
Digital Magazine or Leaderboard in
any edition of the Airport, Seaport,
Rail, Border Security Weekly
Newsletter.
Adrian Courtenay
Managing Partner, CEO
Government Security News
917-696-5782
acourtenay@gsnmagazine.com
NEW IN 2017:
CLICK HERE TO SUBMIT ENTRIES
All Finalists are entitled to a Half-
Page Advertisement (8.5” x 4.5”) in
your choice of GSN’s Digital Magazine
or Leaderboard in any edition of the
Airport, Seaport, Rail, Border Security
Weekly Newsletter.
Steve Bittenbender
Managing Editor
Government Security News
502-552-1450
sbittenbender@gsnmagazine.com
Gerry O’Hara
Designer
OHDesign3
203-249-0626
gerry@ohd3.com