FacebookTwitterGoogle+RedditEmail

The World For Ransom: the Effects of Wannacry

What a stealthy bugger of a problem. Malware deftly delivered, locking the system by encrypting files and making them otherwise impossible to access unless a fee is paid. A form of data  hijacking that can only be admired for its ease of execution, for its viral-like replication that seeks, even hunts, vulnerable “unpatched” computer systems.

The global information environment is well and truly primed for plunder, vulnerable to such malicious “worms” as WannaCry.  Each age creates the next circumstance for profit, often outside the boundaries deemed acceptable at the time.  In a networked age reliant on huge quantities of data, times are good for the intrepid.

The weekend reporting on the WannaCry ransomware worm was filled with predictable gruesomeness, suggesting that the unfortunates turning up to work on a Monday could well discover they were unable to access work files.

Much of the damage had already been done, with notable targets being the National Health System in Britain, and the Spanish telecommunications company Telefonica.[1]  In Britain, patients had to be relocated, and scheduled operations and treatment delayed if not cancelled altogether. Crisis meetings were held by members of the May government.  As one doctor put it in eerily apocalyptic fashion, “our hospital is down.”

Another notable country target was Russia, including networks within the Interior Ministry, suggesting that the cyber misfits in question may have overstretched in their enthusiasm.[2]  Russia tends to figure, as it does in other jottings of demonology, as a place of sanctuary for the cyber crooked, bastion where IT sorties can be launched.  But not now.

More useful, if sobering analysis, came from Nicholas Weaver, who noted that the strength of the attack was its multi-vector nature.  “If a targeted user receives a worm-laden email and clicks on the attachable executable, the worm starts running.”[3]  (Computer speak tends to get mangled in its descriptions, since worms would otherwise crawl. But not wCry, which does its damage at an enthusiastic gallop.)

This delightful worm capitalises on a vulnerability evident in the network protocol in Microsoft Windows termed Server Message Block.  This is where the ransomeware does its bit, encrypting the files in question, and locking out users on pain of ransom.

Much in this saga is based on systems that were never reformed.  UK Health Secretary Jeremy Hunt had been badgered by his shadow counterpart, Jonathan Ashworth, that the NHS’s computer systems were dangerously outdated and susceptible to attack.[4]

While victim blaming is second nature to this trade, Weaver’s salient observation is that the computer industry is just as responsible, if not more so.  The persistent use of executable attachments should trigger liability, if not shame.

Developers and members of industry, in other words, should be made the classroom dunces.  “Our bottom line up front,” claim Ben Buchanan, Stuart Russell and Michael Sulmeyer for Lawfare, “is that, VEP (Vulnerabilities Equities Process) or no VEP, today’s ransomeware attack highlights the risks of relying on software that is no longer supported by its developer (like windows XP) and of not applying patches that the developer makes available (like MS17-010).”[5]

This brings us to the body that keeps giving, albeit indirectly and haphazardly: the US National Security Agency.  In April, a group calling itself Shadow Brokers released a set of tools pilfered from the NSA, including the vulnerability occasioned by SMB.

The Microsoft public relations machine went through the motions of putting out the fires, explaining that the company had already dealt with the vulnerabilities (patched them, if you will) in March, including a patch against the spread of the WannaCry ransomware.  Much of this was occasioned by a helpful disclosure to the company from US government sources.

This entire process revealed a certain dance between government agencies and vendors in the exchange system known as the VEP. Through this tense understanding, the US government designates which discovered software vulnerabilities should be passed on to vendors.

The vendors, in turn, apply the relevant, protective patches, though whether this is actually done is quite another matter.  There is also every chance that the US government will refuse to reveal such a vulnerability in the first place. Being in the business of hacking, some cards will be well and truly hidden, to be procured when required.  Such an instance arose in 2014, when the Heartbleed vulnerability was exposed to much fanfare.  The response from US government officials was one of implausible deniability.

Entities such as the Patients’ Association in Britain have condemned the outfit behind the attack, but also noted that the entire establishment remained green and inadequately prepared. Unprotected and unbacked, software left unsupported by developers is fit for the dustbin of history.  In the meantime, the catastrophe stemming from future attacks is easy to envisage.

Notes

[1] http://www.reuters.com/article/us-spain-cyber-idUSKBN1881TJ

[2] http://varlamov.ru/2370148.html

[3] https://www.lawfareblog.com/crying-about-wannacry-notable-features-newest-ransomware-attack

[4] https://www.theguardian.com/society/2017/may/13/jeremy-hunt-ignored-warning-signs-before-cyber-attack-hit-nhs

[5] https://www.lawfareblog.com/real-lesson-wannacry-ransomware

More articles by:

Binoy Kampmark was a Commonwealth Scholar at Selwyn College, Cambridge. He lectures at RMIT University, Melbourne. Email: bkampmark@gmail.com

September 25, 2018
Binoy Kampmark
Parasitic and Irrelevant: The University Vice Chancellor
September 24, 2018
Jonathan Cook
Hiding in Plain Sight: Why We Cannot See the System Destroying Us
Gary Leupp
All the Good News (Ignored by the Trump-Obsessed Media)
Robert Fisk
I Don’t See How a Palestinian State Can Ever Happen
Barry Brown
Pot as Political Speech
Lara Merling
Puerto Rico’s Colonial Legacy and Its Continuing Economic Troubles
Patrick Cockburn
Iraq’s Prime Ministers Come and Go, But the Stalemate Remains
William Blum
The New Iraq WMD: Russian Interference in US Elections
Julian Vigo
The UK’s Snoopers’ Charter Has Been Dealt a Serious Blow
Joseph Matten
Why Did Global Economic Performance Deteriorate in the 1970s?
Zhivko Illeieff
The Millennial Label: Distinguishing Facts from Fiction
Thomas Hon Wing Polin – Gerry Brown
Xinjiang : The New Great Game
Binoy Kampmark
Casting Kavanaugh: The Trump Supreme Court Drama
Max Wilbert
Blue Angels: the Naked Face of Empire
Weekend Edition
September 21, 2018
Friday - Sunday
Alexandra Isfahani-Hammond
Hurricane Florence and 9.7 Million Pigs
Andrew Levine
Israel’s Anti-Semitism Smear Campaign
Paul Street
Laquan McDonald is Being Tried for His Own Racist Murder
Brad Evans
What Does It Mean to Celebrate International Peace Day?
Nick Pemberton
With or Without Kavanaugh, The United States Is Anti-Choice
Jim Kavanagh
“Taxpayer Money” Threatens Medicare-for-All (And Every Other Social Program)
Jonathan Cook
Palestine: The Testbed for Trump’s Plan to Tear up the Rules-Based International Order
Jeffrey St. Clair
Roaming Charges: the Chickenhawks Have Finally Come Back Home to Roost!
David Rosen
As the Capitalist World Turns: From Empire to Imperialism to Globalization?
Jonah Raskin
Green Capitalism Rears Its Head at Global Climate Action Summit
James Munson
On Climate, the Centrists are the Deplorables
Robert Hunziker
Is Paris 2015 Already Underwater?
Arshad Khan
Will Their Ever be Justice for Rohingya Muslims?
Jill Richardson
Why Women Don’t Report Sexual Assault
Dave Clennon
A Victory for Historical Accuracy and the Peace Movement: Not One Emmy for Ken Burns and “The Vietnam War”
W. T. Whitney
US Harasses Cuba Amid Mysterious Circumstances
Nathan Kalman-Lamb
Things That Make Sports Fans Uncomfortable
George Capaccio
Iran: “Snapping Back” Sanctions and the Threat of War
Kenneth Surin
Brexit is Coming, But Which Will It Be?
Louis Proyect
Moore’s “Fahrenheit 11/9”: Entertaining Film, Crappy Politics
Ramzy Baroud
Why Israel Demolishes: Khan Al-Ahmar as Representation of Greater Genocide
Ben Dangl
The Zapatistas’ Dignified Rage: Revolutionary Theories and Anticapitalist Dreams of Subcommandante Marcos
Ron Jacobs
Faith, Madness, or Death
Bill Glahn
Crime Comes Knocking
Terry Heaton
Pat Robertson’s Hurricane “Miracle”
Dave Lindorff
In Montgomery County PA, It’s Often a Jury of White People
Louis Yako
From Citizens to Customers: the Corporate Customer Service Culture in America 
William Boardman
The Shame of Dianne Feinstein, the Courage of Christine Blasey Ford 
Ernie Niemi
Logging and Climate Change: Oregon is Appalachia and Timber is Our Coal
Jessicah Pierre
Nike Says “Believe in Something,” But Can It Sacrifice Something, Too?
Paul Fitzgerald - Elizabeth Gould
Weaponized Dreams? The Curious Case of Robert Moss
FacebookTwitterGoogle+RedditEmail