FacebookTwitterGoogle+RedditEmail

The World For Ransom: the Effects of Wannacry

What a stealthy bugger of a problem. Malware deftly delivered, locking the system by encrypting files and making them otherwise impossible to access unless a fee is paid. A form of data  hijacking that can only be admired for its ease of execution, for its viral-like replication that seeks, even hunts, vulnerable “unpatched” computer systems.

The global information environment is well and truly primed for plunder, vulnerable to such malicious “worms” as WannaCry.  Each age creates the next circumstance for profit, often outside the boundaries deemed acceptable at the time.  In a networked age reliant on huge quantities of data, times are good for the intrepid.

The weekend reporting on the WannaCry ransomware worm was filled with predictable gruesomeness, suggesting that the unfortunates turning up to work on a Monday could well discover they were unable to access work files.

Much of the damage had already been done, with notable targets being the National Health System in Britain, and the Spanish telecommunications company Telefonica.[1]  In Britain, patients had to be relocated, and scheduled operations and treatment delayed if not cancelled altogether. Crisis meetings were held by members of the May government.  As one doctor put it in eerily apocalyptic fashion, “our hospital is down.”

Another notable country target was Russia, including networks within the Interior Ministry, suggesting that the cyber misfits in question may have overstretched in their enthusiasm.[2]  Russia tends to figure, as it does in other jottings of demonology, as a place of sanctuary for the cyber crooked, bastion where IT sorties can be launched.  But not now.

More useful, if sobering analysis, came from Nicholas Weaver, who noted that the strength of the attack was its multi-vector nature.  “If a targeted user receives a worm-laden email and clicks on the attachable executable, the worm starts running.”[3]  (Computer speak tends to get mangled in its descriptions, since worms would otherwise crawl. But not wCry, which does its damage at an enthusiastic gallop.)

This delightful worm capitalises on a vulnerability evident in the network protocol in Microsoft Windows termed Server Message Block.  This is where the ransomeware does its bit, encrypting the files in question, and locking out users on pain of ransom.

Much in this saga is based on systems that were never reformed.  UK Health Secretary Jeremy Hunt had been badgered by his shadow counterpart, Jonathan Ashworth, that the NHS’s computer systems were dangerously outdated and susceptible to attack.[4]

While victim blaming is second nature to this trade, Weaver’s salient observation is that the computer industry is just as responsible, if not more so.  The persistent use of executable attachments should trigger liability, if not shame.

Developers and members of industry, in other words, should be made the classroom dunces.  “Our bottom line up front,” claim Ben Buchanan, Stuart Russell and Michael Sulmeyer for Lawfare, “is that, VEP (Vulnerabilities Equities Process) or no VEP, today’s ransomeware attack highlights the risks of relying on software that is no longer supported by its developer (like windows XP) and of not applying patches that the developer makes available (like MS17-010).”[5]

This brings us to the body that keeps giving, albeit indirectly and haphazardly: the US National Security Agency.  In April, a group calling itself Shadow Brokers released a set of tools pilfered from the NSA, including the vulnerability occasioned by SMB.

The Microsoft public relations machine went through the motions of putting out the fires, explaining that the company had already dealt with the vulnerabilities (patched them, if you will) in March, including a patch against the spread of the WannaCry ransomware.  Much of this was occasioned by a helpful disclosure to the company from US government sources.

This entire process revealed a certain dance between government agencies and vendors in the exchange system known as the VEP. Through this tense understanding, the US government designates which discovered software vulnerabilities should be passed on to vendors.

The vendors, in turn, apply the relevant, protective patches, though whether this is actually done is quite another matter.  There is also every chance that the US government will refuse to reveal such a vulnerability in the first place. Being in the business of hacking, some cards will be well and truly hidden, to be procured when required.  Such an instance arose in 2014, when the Heartbleed vulnerability was exposed to much fanfare.  The response from US government officials was one of implausible deniability.

Entities such as the Patients’ Association in Britain have condemned the outfit behind the attack, but also noted that the entire establishment remained green and inadequately prepared. Unprotected and unbacked, software left unsupported by developers is fit for the dustbin of history.  In the meantime, the catastrophe stemming from future attacks is easy to envisage.

Notes

[1] http://www.reuters.com/article/us-spain-cyber-idUSKBN1881TJ

[2] http://varlamov.ru/2370148.html

[3] https://www.lawfareblog.com/crying-about-wannacry-notable-features-newest-ransomware-attack

[4] https://www.theguardian.com/society/2017/may/13/jeremy-hunt-ignored-warning-signs-before-cyber-attack-hit-nhs

[5] https://www.lawfareblog.com/real-lesson-wannacry-ransomware

More articles by:

Binoy Kampmark was a Commonwealth Scholar at Selwyn College, Cambridge. He lectures at RMIT University, Melbourne. Email: bkampmark@gmail.com

Weekend Edition
June 15, 2018
Friday - Sunday
Dan Kovalik
The US & Nicaragua: a Case Study in Historical Amnesia & Blindness
Jeremy Kuzmarov
Yellow Journalism and the New Cold War
Charles Pierson
The Day the US Became an Empire
Jonathan Cook
How the Corporate Media Enslave Us to a World of Illusions
Ajamu Baraka
North Korea Issue is Not De-nuclearization But De-Colonization
Andrew Levine
Midterms Coming: Antinomy Ahead
Louisa Willcox
New Information on 2017 Yellowstone Grizzly Bear Deaths Should Nix Trophy Hunting in Core Habitat
Jeffrey St. Clair
Roaming Charges: Singapore Fling
Ron Jacobs
What’s So Bad About Peace, Man?
Robert Hunziker
State of the Climate – It’s Alarming!
L. Michael Hager
Acts and Omissions: The NYT’s Flawed Coverage of the Gaza Protest
Dave Lindorff
However Tenuous and Whatever His Motives, Trump’s Summit Agreement with Kim is Praiseworthy
Robert Fantina
Palestine, the United Nations and the Right of Return
Brian Cloughley
Sabre-Rattling With Russia
Chris Wright
To Be or Not to Be? That’s the Question
David Rosen
Why Do Establishment Feminists Hate Sex Workers?
Victor Grossman
A Key Congress in Leipzig
John Eskow
“It’s All Kinderspiel!” Trump, MSNBC, and the 24/7 Horseshit Roundelay
Paul Buhle
The Russians are Coming!
Joyce Nelson
The NED’s Useful Idiots
Lindsay Koshgarian
Trump’s Giving Diplomacy a Chance. His Critics Should, Too
Louis Proyect
American Nativism: From the Chinese Exclusion Act to Trump
Stan Malinowitz
On the Elections in Colombia
Camilo Mejia
Open Letter to Amnesty International on Nicaragua From a Former Amnesty International Prisoner of Conscience
David Krieger
An Assessment of the Trump-Kim Singapore Summit
Jonah Raskin
Cannabis in California: a Report From Sacramento
Josh Hoxie
Just How Rich Are the Ultra Rich?
CJ Hopkins
Awaiting the Putin-Nazi Apocalypse
Mona Younis
We’re the Wealthiest Country on Earth, But Over 40 Percent of Us Live in or Near Poverty
Dean Baker
Not Everything Trump Says on Trade is Wrong
James Munson
Trading Places: the Other 1% and the .001% Who Won’t Save Them
Rivera Sun
Stop Crony Capitalism: Protect the Net!
Franklin Lamb
Hezbollah Claims a 20-Seat Parliamentary Majority
William Loren Katz
Oliver Law, the Lincoln Brigade’s Black Commander
Ralph Nader
The Constitution and the Lawmen are Coming for Trump—He Laughs!
Tom Clifford
Mexico ’70 Sets the Goal for World Cup 
David Swanson
What Else Canadians Should Be Sorry For — Besides Burning the White House
Andy Piascik
Jane LaTour: 50+ Years in the Labor Movement (And Still Going)
Jill Richardson
Pruitt’s Abuse of Our Environment is Far More Dangerous Than His Abuse of Taxpayer Money
Ebony Slaughter-Johnson
Pardons Aren’t Policy
Daniel Warner
To Russia With Love? In Praise of Trump the Includer
Raouf Halaby
Talking Heads A’Talking Nonsense
Julian Vigo
On the Smearing of Jordan Peterson: On Dialogue and Listening
Larry Everest
A Week of Rachel Maddow…or How I Learned to Stop Worrying and Love Ronald Reagan
David Yearsley
Hereditary: Where Things are Not What They Sound Like
FacebookTwitterGoogle+RedditEmail