“wannacry” the cyber-disaster waiting to happen.

Posted By on May 17, 2017

Wow! What a week!

  • The “wannacry” ransomware malware shut down over 30,000 systems worldwide before a fix was discovered (largely by accident too!)
  • As if that wasn’t enough, it’s revealed the ransomware malware was designed from data leaked from the NSA!
  • Microsoft is accusing the NSA of knowing about flaws in computer systems and deliberately not divulging them, so fixes could be made.
  • Donald Trump, America’s motor-mouth president, divulged top secret ISIL intelligence to the Russians, along with the source of that intelligence!
  • And more will come out – the “wannacry” threat will be linked to North Korea, though it’s doubtful we’ll ever get 100% ironclad evidence to prosecute that.

What’s the big deal? It’s only 30,000 of the billions of systems in the world right?

Wrong! Firstly, we’re talking “systems” as in commercial systems, where hundreds (or in some cases thousands) of computers are all interconnected. If you are counting actual computers, it could be millions.

Secondly those systems weren’t home computers. They included most of the UK’s medical systems. scanning machines, intercommunications between services, specialists – right down to GPs, were effected. Attacks were recorded on various government and corporate systems as far away as India, Germany, USA, Spain and Australia.

If that doesn’t alarm you, just imagine if every traffic light in your city turned green at once and you needed an ambulance but your mobile phone network was down. At the same time all planes vanish from the flight controllers radar consoles. Now multiply that for every city in your country. This time the malware targeted old Windows XP based systems. That meant that air traffic control systems weren’t effected – yet!

By the way, the only reason they weren’t is because back on 3rd of May 2014, at 2:00pm, a vintage U2 spy plane upset the California Air Traffic Control system and drew the authority’s attention to the weaknesses in the air traffic control system and they did some major upgrades. The U2 was flying at 60,000 feet and it’s on-board computer tricked flight control into thinking it was the same altitude as commercial airliners, creating havoc as they tried to move airliners out of the way of an aircraft that wasn’t there. Since the U2 was designed in the 1950s, the red faced air traffic control bureaucracy decided it was time to upgrade their systems.

As weaknesses are discovered and systems evolve to meet new demands, a new operating system versions are created, tested and released. Some upgrades are minor and require a few patches to fix the weaknesses, like Windows 95 to Windows 98. Others are major and require a complete rewrite, creating an entirely new version like Windows XP to Windows 7. For governments and large businesses, this means paying millions of dollars for the new system, then paying their IT folks a fortune to adapt their in-house software for this new system.

Throw in this mix, a bunch of sneaky profiteers like Microsoft who try to make new minor revisions look like major rewrites and want customers to buy the new versions so they can spy on their usage and we have huge financial mistrustful disincentives for businesses to keep their systems up to date. They no longer trust Microsoft when it announces new “critical” updates.

Into our so called ‘secure system’ you can add all the people who take work home onto their personal computers at home and download it back onto the corporate or government system tomorrow. Effectively this doubles the number of machines in any system and therefore the number of weaknesses.

Now add the icing on the IT cake – a secretive intelligence organisation like the NSA, who discovers a weakness, writes malware to use it and refuses to tell their own countrymen about the weakness, so they can improve their own national security.

Add all this together and we have the perfect storm, just waiting for some hacker to create the disaster that was the “wannacry” ransomware cyber attack.

About The Author

Mimenta.com is the online voice of a collection of consumer advocates working independently to represent people who would otherwise be unheard. We speak for those who are bullied by corporations and don't realise they can have a say.


Comments are closed.