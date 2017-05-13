Friday May 12th, 2017 may become a landmark date in the world of cybersecurity. A major wave of cyberattacks known as ransomware infected thousands of computers around the world.

Ransomware is a computer virus that upon infecting a computer encrypts the data on a computer and demands a ransom, in this case around $300, for a password to allow the owner of the computer regain access to their files.

Ransomware is normally spread using email containing attachments or links to infected websites so that when the unsuspecting user clicks on the attachment or the link the ransomware is activated and encrypts the victims data. What is different about this ransomware, known as Wanna Decrypter, is that it takes advantage of a known security weakness in older versions of Microsoft Windows to enable it to spread automatically from one insecure system to another. The speed of how quickly this version of ransomware spread without requiring intervention by people to infect their computer is what makes it unique and Friday the 12th a landmark date in cybersecurity.

Within hours this computer virus infected computers in over 70 countries such as the UK, Spain, China, Russia, and the United States of America. In the UK, 39 National Health Service (NHS) hospital trusts were impacted with several hospitals forced to cancel some patient services and others having to divert ambulances to other hospitals.

In the US, FedEx announced a number of their systems had been infected with the ransomware, and the Russian Interior Ministry stating over 1.000 of their computers were held to ransom.

Here in Ireland, the Health Service Executive has taken proactive steps to prevent its systems from becoming victims of the ransomware. In a statement, the HSE said: “In light of the cyber-attacks today on the information technology systems in both NHS and NHS Scotland, the HSE’s leadership convened a special meeting this evening in order to consider the situation. On foot of that meeting it was decided that, as a protective measure, the HSE’s Office of the Chief Information Officer would remove all external access to the HSE’s Network to protect the integrity of clinical IT systems throughout our health system.”

Outdated systems

While many headlines boast this attack is a sophisticated cyberattack, at its root this attack is not really that sophisticated. The security weakness, or vulnerability, exploited by Wanna Decrypter to spread itself so quickly has been known to Microsoft for a number of months and Microsoft released a fix to address this vulnerability several weeks ago. Any systems that had the fix applied would not be impacted by this virus.

What Wanna Decrypter has highlighted is that many organisations are still using older computers and operating systems which are becoming more and more difficult to keep secure. This can often result from organisations not having the money to invest in IT systems over the past number of years due to other financial priorities and pressures, or it could be due to old legacy applications and systems will stop working should they be patched or upgraded to later versions of software.

Or more worrying is that this attack demonstrates that many organisations are not taking cybersecurity seriously and are not investing the time, money, or resources to ensure the systems their businesses rely upon are properly secured.

The sharp increase in ransomware in recent years highlights that many organisations still do not get the basics right when it comes to cybersecurity. According to the 2017 Verizon Databreach Investigations Report (DBIR) the number of ransomware attacks grew by 50% from 2015 to 2016. What is saddening is that ransomware is not a new threat. At its heart ransomware is basically a computer virus, except this time it has a particularly immediate and effective payload. We have been battling computer viruses for over 25 years, so it is disheartening that we still see individuals and organisations fall victim to these attacks.

With our ever-increasing reliance on computer systems to run and protect our businesses, our economy, our hospitals, our communications, the critical services rely on, our own personal lives and data, our homes, even our cars, it’s time that as a society we take cybersecurity seriously. The Wanna Decryptor attack may have just impacted computers, tomorrow we may not be so lucky and a cyberattack impacting a critical system could have a life impacting results.

Brian Honan is founder and CEO of cybersecurity firm BH Consulting