Back to Contents

Volume: 3 Issue: 5
(May 2017)

Keywords:
wannacry cyber security industry explores ways deter future attacks 12 may 2017 wannacry ransomware virus hit 230 000 computers over 150 countries

Options:
Share This Page



WannaCry: cyber security industry explores ways to deter future attacks

On 12 May 2017, the WannaCry ransomware virus hit more than 230,000 computers in over 150 countries. The attack exploited a security weakness in unpatched versions of Windows computers, encrypting data and demanding payment in cryptocurrency Bitcoin for its release. Among the organisations impacted by WannaCry were the UK’s National Health Service, Russia’s Ministry of Internal Affairs, and the car manufacturing plants of both Renault and Nissan.

In response to the WannaCry attack, the UK’s National Cyber Security Centre (‘NCSC’) published guidance for businesses and consumers on measures to help them prevent becoming a victim to a ransomware attack. The NCSC’s guidance states that there are “easy-to-implement defences against ransomware which very considerably reduce the risk of attack and the impact of successful attacks.” The three measures that the NCSC advised companies and individuals to take are: making sure security software patches are kept up to date, running recommended antivirus software, and backing up data. The need to back up data is considered to be the most important measure for preventing attacks such as WannaCry according to the NCSC, because you can’t be held to ransom for data held elsewhere.

Vladislav Arkhipov, Of Counsel at Dentons LLP, believes that the potential to be hit by ransomware such as WannaCry exists in software vulnerabilities and suggests with that in mind that the development of alternative operating systems could help prevent similar viral ransomware attacks in future. “This insight may have different effects on policy, including incentives to promote more competition in the market of operating systems, something which we have not yet really seen,” explains Arkhipov. “There are examples of governmental institutions which operate on systems alternative to the most popular ones, which were in a much safer position.” Arkhipov believes that as WannaCry was ransomware specifically designed to exploit vulnerabilities within the Windows operating system, introducing policy which stimulates competition in the market for operating systems could be one way of making it difficult for malware to spread so effectively.

Whichever practical preventative measures companies and individuals take to avoid cyber attacks of this magnitude in the future, Arkhipov believes that the first measure to be undertaken should be to seek a greater understanding of the people that carry out such attacks. “If we speak about the very grand scheme of things,” concludes Arkhipov, “what should be investigated first are the reasons why such global threats exist. To put it simply - why people are willing to initiate these kinds of attacks.”

Search Publication Archives



Our publication archives contain all of our articles.
Can’t find what you are looking for?
Try an Advanced Search

Log in to cyber security practitioner
Subscribe to cyber security practitioner
Register for a Free Trial to cyber security practitioner
Sign up for e-mail alerts
cyber security practitioner Pricing

Social Media

Follow cyber security practitioner on TwitterView cyber security practitioner LinkedIn Profilecyber security practitioner RSS Feed