Authorities worldwide are mopping up after an international ransomware attack disrupted hospitals, factories, government agencies, banks and businesses in 150 countries over the past few days. The latest clues point to hackers possibly linked to North Korea.
In what looks to be an unrelated cyber attack, hackers reportedly shanghaied the Disney film “Pirates of the Caribbean: Dead Men Tell No Tales.” The crooks threatened to splash it onto the internet before the film’s scheduled May 26 release if Disney didn’t fork over a ransom in bitcoin, according to deadline.com.
Experts warn that worldwide ransomware attacks could bloom again in the coming weeks. They warn that many computers running outdated (or stolen) software could be vulnerable to hackers who pilfer data, or hold it hostage for ransom.
Hmm. When have we read about similar breaches and often heard similar warnings about computer vulnerabilities?
Oh, right. In 2016 when the Russians were roaming through the Democratic National Committee’s email system.
Or in 2015, when the U.S. government revealed that hackers stole a massive trove of data from the federal Office of Personnel Management, exposing sensitive information about millions of people, including federal employees, contractors and their families and friends.
Or when hackers spread Sony’s secrets across the internet in 2014.
Or when Russian cybercriminals stole data on more than 500 million Yahoo accounts the same year.
Or earlier this year after WikiLeaks revealed CIA computer hacking secrets for criminals, spies and other foreign malefactors to exploit. (We haven’t heard much about the fallout from that, but stay tuned.)
Before the latest series of attacks, officials at Britain’s public health system ignored several warnings that many of its computer systems were unprotected and ripe for exploitation, The New York Times reports.
Apparently, the official attitude there is the same as it is around the world as people are bombarded by cyber warnings (and invitations to reap riches from people they don’t know): What, us worry?
The big questions: Will this latest spate of attacks be a wake-up call to upgrade protections around the world? Or will many people hit the snooze button again?
Microsoft blamed the U.S. government for “stockpiling” software code wielded by the hackers in ransomware attacks. The company’s top lawyer argued that the government should report the weaknesses it discovers rather than hold them as weapons to use later. Microsoft attorney Brad Smith wrote that “an equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen.”
Not quite. Tomahawks hit targets and the blast damage is contained. But cyber attacks can damage computers, and disrupt lives, around the world. Ask all those British patients who couldn’t be treated.
Nor is the U.S. immune. Hackers have targeted hospital systems in Washington, D.C., Los Angeles, Boston and Kentucky, The Washington Post reports.
The criminals who unleashed this latest ransomware virus didn’t have to be computer geniuses. New tools make this kind of cyber extortion much easier. Mad skills aren’t needed.
What is needed, however, is for computer users — all of us — to neglect to upgrade security or change passwords. To click on attachments willy nilly. To assume that because our devices haven’t yet been captured, they won’t be.
The crooks and spies are counting on us. And so far, they haven’t been disappointed.