The largest cyberattack in history has provided tech security experts and the enterprise architecture community with plenty of hard-earned lessons.
The so-called WannaCry ransomware attacks that affected computer users in 150 countries in mid-May underscored the need for stronger security measures on the part of companies and organizations. The cyberattack that started May 12 reportedly affected more than 230,000 computers by exploiting a vulnerability in the Microsoft Windows operating system.
The weakness was initially discovered by the US National Security Agency (NSA), which used the glitch for its own purpose. The vulnerability information was later stolen from the NSA and exploited by hackers who attempted to profit by infecting networks then demanding $300 to $600 in bitcoin for each computer on the network. As a result, it’s called ransomware.
The WannaCry attack highlights the need for more diligent maintenance of networks to reduce the chances of future episodes, pundits said.
“WannaCry points directly to why individuals and firms of all shapes and sizes need to update their software and operating systems,” Virginia Tech cybersecurity expert Eric Jardine said. “Far too many systemically important organizations, such as hospitals, are using no longer supported operating systems such as Microsoft Windows XP. WannaCry took advantage of that path dependency to devastating effect.”
CYBERATTACKS UNDERSCORE VALUE OF ENTERPRISE ARCHITECTS
The rising demand for cybersecurity protection underscores the value of enterprise architects. The proportion of organizations surveyed that have enterprise-wide digital strategies increased 52 percent in just two years, and those organizations with a chief digital officer have increased 39 percent over last year, according to a study by advisory firm KPMG LLP.
“To help deliver these complex digital strategies, organizations also report a huge demand for enterprise architects—the fastest growing technology skill this year, up 26 percent compared with 2016,” HealthData Management reported in early June.
Twenty-four percent of the people surveyed by the Centre for International Governance Innovation indicated they didn’t know what they would do if their devices were hacked and a ransom demanded. Just 16 percent of them indicated they would retrieve the data from a backup system.
“Eventually, we will all get hacked,” Jardine said. “What matters is how we handle it when the worst case scenario happens. Users need to back up files and employ some basic digital hygiene so that they can minimize risk and bounce back from the inevitable.”
The WannaCry attack mostly impacted operating systems that weren’t kept up to date with the latest fixes and security patches. As a result, many of the computers were operated by governmental users and large institutions such as hospitals.
Within four days after the initial attack, many of the computer owners had resolved the issue and slowed the spread of the computer virus. Security scams have since tried to take advantage of the episode by offering fake apps boasting the latest and greatest security features.
In May, Ray Klump, professor and director of the Master of Information Security program at Illinois-based Lewis University, suggested organizations take these steps to protect themselves from attacks like WannaCry:
- Enable automatic updates so operating systems are updated when Microsoft finds problems and fixes them.
- Upgrade to Windows 10 operating systems.
- Disable Microsoft’s server message block protocol.
The hackers reportedly collected nearly $127,000 in about 302 payments during the four-day WannaCry attack.
In late May, Krytos Logic, the Los Angeles-based security company, reported that computers with the Microsoft XP operating system weren’t affected.
Meanwhile, at Michigan State University, cybersecurity expert Thomas J. Holt, a professor of criminal justice, said such attacks take advantage of both hardware and software weaknesses.
“There are hundreds of vulnerabilities that have been identified in all manner of software, from the Microsoft operating system Windows to the web browsers that we use every day,” he said. “The life cycle of software and hardware, however, means that it is not possible to identify every flaw before it is made available to the public for use.”
There was a silver lining.
The WannaCry attack revealed both the vulnerability and resilience of networks, said Cornell assistant professor Rebecca Slayton, an expert on international security and cooperation.
She said, “It is a sober reminder that it only takes one mistaken click to compromise an entire organization; that computer systems, like all infrastructures, become unreliable without constant maintenance; and that human lives often depend on the reliable functioning of computers.”
Slayton also noted the ability of many networks to fend off the attack and quickly rebound with little damage. Many computers were protected by automated patching programs, and information technology systems were restored from backups.
“Nonetheless, the fact that the attack was a ripoff from the National Security Agency suggests the need to put resources into developing resilience rather than focusing on devising new cyberattacks,” she said. “What comes around goes around.”