More cyber attacks on the way, warn experts
There was chaos after 150 countries were hit by a cyber attack over the weekend. The malicious bug was stopped but security experts say there may be worse to come. How worried should we be?
In Britain, ambulances were diverted, operations were cancelled, and doctors were forced to treat patients without their full medical records. In Germany, screens in train stations displayed threatening ransom messages. In France, the car company Renault was forced to halt production at several factories.
This was all due to a computer virus known as WannaCry, which caused havoc as it spread around the globe on Friday. It was a type of virus known as ransomware: once it had infected a computer, it locked the files and displayed a screen demanding $300 in bitcoin. It was also a “worm”, meaning that it could spread through entire networks of computers incredibly quickly.
Yesterday the chief of Europol Rob Wainwright said that at least 200,000 victims had been targeted in 150 different countries. “The global reach is unprecedented,” he said.
Currently, no one knows who was behind the attack.
The virus exploited a weakness in Microsoft Windows that was initially discovered by the NSA, one of America’s intelligence organisations. This “cyber weapon” was then leaked by a group of hackers in April, around the same time that Microsoft offered a patch to fix the problem.
However, not everyone had installed the update — including in the NHS, where many computers still use the out-of-date operating system Windows XP.
Eventually, the virus was stopped by an “accidental hero” in England, known only by his blog name, MalwareTech. While investigating the ransomware code, he discovered an unregistered domain name. He bought it for just $10.69 to track the progress of the virus; but this turned out to be a “kill switch” that stopped the program in its tracks.
Still, he has warned that there may be more to come. “The attackers will realise how we stopped it,” he said. “They’ll change the code and then they’ll start again.”
Reality bytes
For many, it has been terrifying to watch just how quickly and easily the virus spread. This is not just about lost money if the ransom is paid; disrupting hospitals could cost lives. We were lucky this time — but we have had a glimpse of a truly apocalyptic future. What happens if hackers get access to electricity grids, or nuclear codes? Our reliance on technology feels far more dangerous than it did this time last week.
Don’t panic, say others. The virus was stopped, and it does not seem like anyone was hurt. What’s more, the incident has been a wake-up call for companies and governments alike. No one can deny the importance of cyber security now. And the good news is that protecting computers from ransomware is relatively easy — as long as we make sure that software is updated regularly, then everyone will be safe. Simple.
You Decide
- How worried are you about cybercrime?
- “Cyber security should be every government’s number one priority.” Do you agree?
Activities
- Make a poster which advises young people on how to protect themselves from computer viruses.
- Write a short report on the threat that cybercrime poses to Britain, addressed to the prime minister, Theresa May. Include three recommendations for how she can tackle the problem.
Some People Say...
“It is pointless to worry about things you cannot control.”
What do you think?
Q & A
- What do we know?
- At least 200,000 computers were infected in 150 countries, according to Europol. The attack was based on a flaw in Windows operating systems which was first discovered by the NSA. The hacking group Shadow Brokers published information about the flaw, and a tool to exploit it, in April.
- What do we not know?
- A lot of things, including who was behind this attack, how much money they will make, or whether they intended the virus to spread so far. We do not know whether anyone was hurt as a result of the attack on the NHS. We also do not know where or when a new virus might appear — although yesterday Europol’s Rob Wainwright warned that this could happen today, once staff begin arriving at work and turning on their computers.
Word Watch
- Bitcoin
- A “cryptocurrency”, or a form of digital money, which is extremely difficult to track.
- Europol
- The European Union’s law enforcement agency. Europol opened a Cybercrime Centre in 2013, in order to help European countries tackle the issue.
- NSA
- It is fairly common for security agencies to use these flaws in systems for their own ends — such as in the fight against terrorism. NSA whistleblower Edward Snowden said the organisation was to blame for the attack, as it did not report the fault to Microsoft when it found it.
- Windows XP
- Microsoft stopped offering updates for Windows XP in 2014. This means that the patch was only available to XP users who paid for “custom” support. After the attack, Microsoft offered a free emergency patch.
- Domain name
- A website address. In this case it was a long, nonsensical code which the virus was connecting to from infected computers. MalwareTech explained that registering it to track these connections is standard practice for the company he works for.
- Money
- According to BBC News, as of Sunday, around £22,080 had been paid into the accounts.
Become an Expert
- BBC News reporter Chris Foxx gives quick tips on how to stay safe online. (0:50)
- Everything we know, and everything we don’t know, about the global cyber attack. The New York Times. (1,250 words)
- What could a more extensive cyber attack do to America? TakePart imagines some dire consequences. YouTube. (3:21)
- “Accidental hero” MalwareTech blogs about how he stopped the virus from spreading on Friday. (1,700 words)
- Wired explains why hospitals make the perfect targets for ransomware. “If you have patients, you panic way quicker than if you are selling sheet metal.” (1,700 words)
- For those interested in fake news, security researcher Ross Anderson explains some of the misconceptions which spread about the virus on Friday. Light Blue Touch Paper. (700 words)