WannaCry Virus: A Lesson in Global Unpreparedness

commentary

May 22, 2017

A young man is frustrated by the WannaCry ransomware attack

Photo by zephyr_p/Fotolia

This commentary originally appeared on The National Interest on May 17, 2017.

The recent cyber ransomware attack provides important opportunities for learning—really relearning—lessons about how to secure cyber networks. But first, it is important to separate what is known about the attacks from the hard truths about global cyber preparedness.

Recently, a piece of malware—the WannaCry virus—exploded on the scene with unprecedented speed and scale. The virus exploited a known security flaw in Microsoft XP operating software that spread to over 150 countries, infecting over two hundred thousand computers and locking the data of software users. The perpetrators of the attacks demanded a Bitcoin payment of $300 be deposited in exchange for unlocking that data. Failure to pay the ransom would result in the destruction of the data.

Information about the existence of the security flaw was purportedly contained in a U.S. National Security Agency toolkit that was inadvertently discovered. In March of this year, upon realizing the toolkit was compromised, Microsoft developed a patch for the sixteen-year-old software and made fixes available for free for the older XP systems.

But the use of ransomware to lockdown user data and extort a payment is hardly a new occurrence. In a twelve-month period ending June 2016, more than 50 percent of the organizations surveyed had been hit with ransomware. In the first quarter of 2016 alone, more than $209 million had been paid out. Despite these payments, slightly less than half of the organizations that paid the ransom were able to recover their data.

Of course the question on everyone's mind is, Who perpetrated such an act? The answer will likely take days and weeks to establish, and even then there will be uncertainties…

The remainder of this commentary is available at nationalinterest.org.


Daniel M. Gerstein works at the nonprofit, nonpartisan RAND Corporation and is an adjunct professor at American University. He was the undersecretary (acting) and deputy undersecretary in the Science and Technology Directorate of the Department of Homeland Security from 2011 to 2014.

More About This Commentary

Commentary gives RAND researchers a platform to convey insights based on their professional expertise and often on their peer-reviewed research and analysis.