A chrome-plated briefcase packed with unmarked bills is the typical movie image of a ransom payment. But when it comes to ransomware like the WannaCry Trojan horse released over the last week, the method of payment is decidedly high tech. David Garrity, CEO of GVA Research, looks at the role bitcoin is playing in this latest cyber threat.
Success of “Wanna Cry” Ransomware Cyberattack Highlights Pitfall of Software Piracy Free-riding:
Coming out of the weekend, financial markets have been braced for the continuation of the “Wanna Cry” ransomware cyberattack that began to unfold on Friday 5/12/17. So far, no second wave has been identified, but the PRC government notes that a variant version of the program is active in the incidents seen there. The “Wanna Cry” ransomware is capable of spreading independently, in that it doesn’t rely on users opening a message attachment for propagation. Also, the ransomware in particular targets security flaws in operating system software products Microsoft no longer supports, such as Windows XP, for which support ceased in April 2014. While individuals, organizations, companies and governments in over 150 countries have been affected in the present outbreak, there are significant concentrations in regions where in the past Microsoft experienced significant revenue losses due to software piracy as PCs were provisioned with unlicensed copies of Microsoft operating system software, such as in Russia and the PRC. As such, the necessary software maintenance in terms of upgrades and security patch installation is likely not to have been performed in these areas. Consequently, software pirates have been hoist on their own petard, lacking the necessary protections when the “Wanna Cry” ransomware went active. In cybersecurity, there is no free protection, and software piracy free-riders have come to pay the price.
Prospects of Growing Waves of Cyberattacks On Widening Networks of Connected Devices Should Drive Shift to Secure Decentralized Networks:
As indicated above, there are clear negatives to running outdated and unsupported software. While Microsoft has stepped up in providing security patch software to address the system flaws the “Wanna Cry” ransomware exploits, the attack may prompt users to migrate away from Microsoft towards other software products such as Apple iOS or Alphabet’s Google Chrome, although the likelihood of this happening quickly is quite low. More likely, in our view, is that with the networks of connected devices widening as the Internet of Things (IoT) is deployed, users will demand that such networks be both secure and decentralized, a system architecture that will serve to minimize the risk of cyberattack intrusion and, if and when intrusion occurs, its concomitant spread. Free-standing devices should become increasingly rare as users desire maximum system uptime with minimal risk of cyberintrusion.
While the move to cloud-based networks is already well underway, there is an important distinction between centralized and decentralized networks. While on the one hand there is greater uniformity in timely security patching and mitigation strategies with centralized networks, the uniformity coupled with the shift to a high concentration of application and data flow to the cloud on a few providers represents the classic “Fukushima” type risk profile. The same redundant security means the replication of the same vulnerability. Consequently, rather than desired resiliency, there is with centralized networks a greater hardening with large risk accumulation and attendant “black-swan” shattering effects. To avoid this curious paradox of risk mitigation, it is necessary to pursue a model of secure decentralized networks. Vendors such as Mutualink address this emerging customer requirement. With the recent advent in the US of FirstNet (see: https://www.commerce.