Comment by Vijay Michalik, Industry Analyst, Digital Transformation, Frost & Sullivan
“Last week’s large scale ransomware infection is a clear sign of the escalating challenges facing cybersecurity. In the biggest ransomware outbreak so far, over 100.000 computers are believed to have been infected from Russia to Taiwan, including in institutions such as Telefonica, FedEx, Deutsche Bahn and the NHS.”
“While the attack was stopped in its tracks as a kill-switch was found and activated by a cybersecurity researcher known as MalwareTech, it is highly likely that a new strain will appear without this flaw. The kill-switch doesn’t decrypt the files that are already compromised, and it doesn’t appear that the encryption has its own exploitable flaw.
The ransomware is a variation of Wana Decryptor, a strain which emerged two weeks ago. Its rapid success is attributed to exploiting a Windows vulnerability which hasn’t been patched across all systems. Several key figures including Edward Snowden and Microsoft have levelled fingers at the NSA.
The NSA’s data on the exploit was publically leaked by a hacker organisation known as the Shadow Brokers before the NSA provided to the vendors details for them to patch it. Last year, the NHS was revealed to have thousands of computers still running on Windows XP, which hasn’t been supported by Microsoft since 2014. The failure to update operating systems and applications is another key factor to the ransomware infection in the UK. Given the high profile nature of this vulnerability, Microsoft has released a security patch for its older systems to protect them.
The rise of ransomware can be attributed to the proliferation of easy-to-use ransomware tools, and ransomware-as-a-service on sale in the cybercrime underworld. These can be easily customised and have helped create a growing list of successful attacks which generate revenue for the perpetrators.
Frost & Sullivan believes we are nearing an inflection point in cybersecurity across both government and the private sector, although key barriers remain such as lack of technical understanding and reticence to invest. Businesses need to invest heavily to match the growing threat of cybercriminal activity, in each of technology, internal security personnel and training of general staff to identify and avoid threats. Key sectors such as healthcare will be pressured to adapt by governments if they will not do so of their own volition, with an annual growth rate in healthcare cybersecurity of 13.6% in the US alone.”