Read Editorial with D2G – Ep (324)

In Read Editorial With D2G
May 17, 2017

Held at ransom: on the recent ransomware attacks

READ BEFORE YOU PROCEED:
D2G wears no responsibility of the views published here by the respective Author. This Editorial is used here for Study Purpose. Students are advised to learn the word-meaning, The Art of Writing Skills and understand the crux of this Editorial.

MEANINGS are given in BOLD

The menacing (in a way that suggests the presence of danger; threateningly) spread, starting last Friday, of the malicious (intending or intended to do harm) Software WannaCry, which has since infected thousands of computer systems in 150 countries, is a frightening reminder of the vulnerabilities (the quality or state of being exposed to the possibility of being attacked or harmed) of a connected world. The cyber-attackers who unleashed it, as yet unknown, have essentially used chinks in Microsoft’s outdated software to remotely gain access to computers of unsuspecting users so as to lock them out of their files.

These attacks have been in the nature of what are called ‘ransomware,’ wherein attackers demand a ransom (usually in Bitcoins, which are tougher to trace than regular currency) to decrypt (a text that has been decoded) the files they have force-encrypted. Cyber risk modelling firm Cyence estimates the economic damage to be $4 billion, a figure that may not seem daunting (seeming difficult to deal with in prospect; intimidating) for a global-scale disruption such as this one. But its spread has exposed the lack of preparedness among government and private institutions. The list of unsuspecting users who fell prey (kill) to the malware (software which is specifically designed to disrupt, damage, or gain authorized access to a computer system) includes the U.K.’s National Health Service, German transport company Deutsche Bahn, courier delivery services company FedEx and carmaker Renault.

Only some weeks earlier Microsoft had made available a patch to remove the chinks, something that raises doubts over whether even large institutions are complacent (uncritical satisfaction with oneself or one’s achievements) on cyber risks. That government across the world went on alert after the outbreak of the global ‘epidemic’ is some consolation (the comfort received by a person after a loss or disappointment). So is the fact that Indian institutions have been largely unscathed (without suffering any injury, damage, or harm) by the malware until now. Things, however, could have been worse had a British researcher not registered a domain name hidden in the malware, thereby accidentally stopping its spread as also its momentum.

While the state of preparedness is a cause for worry, the likely origin of WannaCry forces stakeholders to revisit a long-standing and uneasy question regarding the actions of governments. WannaCry has its origins in a tool developed by the National Security Agency in the U.S. that was dumped online by a group called the Shadow Brokers. A few days after the malware started spreading, Brad Smith, President and Chief Legal Officer of Microsoft, wrote on his blog that governments should treat it as “a wake-up call” and “consider the damage to civilians that comes from hoarding (a stock or store of money or valued objects, typically one that is secret or carefully guarded) these vulnerabilities.”

His point to governments is this: report vulnerabilities to vendors rather than exploit (make full use of and derive benefit from (a resource)) them. The U.S. assesses the balance between cyber security and national interest through what is called the Vulnerabilities Equities Process, wherein a review board makes a final decision on whether‘vulnerability’ needs to be reported or retained. President Donald Trump’s views on this process are not clear. Cyber threats are only likely to grow, and the world needs to push for global rules on such issues. It is more than obvious now that cyber vulnerabilities have massive global implications (the action or state of being involved in something).

Also Read: