Many countries are still reeling from the wave of ransomware attacks, known collectively as WannaCry, that took the world by surprise last Friday. In the wake of these attacks, cybersecurity experts are scrambling to figure out the details and take preventive measures against further propagation. However, given the enormous number of variables and unknowns, we are still far from being in the clear.
The attack has brought up many questions and points of debate. Why did the NSA withhold a critical vulnerability from Microsoft? Why didn’t Microsoft do more to warn users to implement the patch correcting the vulnerability after it was made public? And exactly who was behind the attack in the first place?
Whoever it was, their methodology belies a highly professional organization employing some very talented hackers. Fingers are already beginning to point in the direction of North Korea, one of the usual suspects. Clues that link the attack to the Sony hacks and the attack on a bank in Bangladesh, both of which are believed to have originated from North Korea, strengthen the theory, but it is still too early to discuss the potential source of the attack with any certainty.
Whatever the case may be, one thing is clear: the danger is far from being behind us. The trove of advanced cyberweapons stolen from the NSA and leaked by a group calling themselves the Shadow Brokers is still ripe for exploitation. In a blog post, the president of Microsoft, Brad Smith, asked what would happen if the US military had “some of its Tomahawk missiles stolen.” It’s an apt comparison. US government agencies invest millions of dollars in cyberweapons that exploit vulnerabilities in operating systems like Windows, and these weapons are kept under lock and key precisely because they are so dangerous.
Except, of course, the NSA’s cyberarsenal is now out in the open and can fall into the hands of absolutely anyone with a computer and Internet access. In the face of the many unknown threats waiting on the horizon, it is more important than ever to use next-generation protection solutions such as Panda Security’s Adaptive Defense, which successfully detected and blocked WannaCry and protected its users worldwide. As attacks become more sophisticated and unpredictable, the best approach is a proactive one. The worst may still be to come.