Many countries are still reeling from the overwhelming ransomware attack, known as WannaCry, that took the world by surprise last Friday. In the wake of these attacks, cybersecurity experts are scrambling to figure out the details and take preventive measures against further propagation. Given the extensive nature of the attacks, and the enormous number of variables and unknowns, we are still far from being in the clear.

The attack has brought up many questions and points of debate. Why did the NSA withhold a critical vulnerability from Microsoft? And exactly who was behind the attack?

Whoever it was, their methodology belies a highly professional organization employing some very talented hackers. Fingers are already beginning to point in the direction of North Korea, one of the usual suspects. Clues that link the attack to the Sony hacks and the attack on a bank in Bangladesh, both of which are believed to have originated from North Korea, strengthen the theory, but it is still too early to discuss the potential source of the attack with any certainty.

Cyber kill chain for the WannaCry attack

Whatever the case may be, one thing is clear: the danger is far from being behind us. The trove of advanced cyberweapons stolen from the NSA and leaked by a group calling themselves the Shadow Brokers is still ripe for exploitation. In a blog post, the president of Microsoft, Brad Smith, asked what would happen if the US military had “some of its Tomahawk missiles stolen.” It’s an apt comparison. US government agencies invest millions of dollars in cyberweapons that exploit vulnerabilities in operating systems like Windows, and these weapons are kept under lock and key precisely because they are so dangerous.

Except, of course, the NSA’s cyberarsenal is now out in the open and can fall into the hands of absolutely anyone with a computer and Internet access. In the face of the many unknown threats waiting on the horizon, it is more important than ever to use next-generation protection solutions such as Panda Security’s Adaptive Defense, which successfully detected and blocked WannaCry and protected its users worldwide. As attacks become more sophisticated and unpredictable, the best approach is a proactive one. The worst may still be to come.