Ransomware reveals tech challenges past and future

Current IT architecture depends on people to maintain it, and people can let the bad guys in

Ransomware reveals tech challenges past and future

By Richard Beales

NEW YORK (Reuters Breakingviews) - Who'd be in charge of a corporate IT network with hacks, phishing and now a double dose of so-called ransomware to contend with? This week's cyber attack hit targets from Ukraine to the United States and more than 60 other countries. Human error enables hacking of today's network setups. A shift to the cloud reduces that danger, but brings others.

The latest rogue software, a variant of something called Petya, locks computers and posts a message demanding $300 in bitcoins to recover the data. Like the WannaCry virus last month that hit National Health Service computers in the UK, among others, it gets into PCs using code known as Eternal Blue, which security experts believe was developed by the U.S. National Security Agency.

Monday's attack hit Ukraine's international airport, Russian oil group Rosneft, advertising giant WPP and FedEx's TNT Express unit, among others. Its spread may have been limited, though, because after WannaCry many firms patched software including older Microsoft operating systems.

The fact that this wasn't done earlier is a reminder that current IT architecture depends on people to maintain it. And people can let the bad guys in, too. Malevolent phishing emails abound. Though it was done in fun, the fact that the CEOs of Goldman Sachs, Citigroup and Barclays – not to mention the head of the Bank of England – recently responded to prank emails purporting to be from colleagues underlines the human factor.

The cloud, comprising infrastructure managed by the likes of Amazon, Alphabet and Microsoft, ought to be immune from much of this. Protection should be cutting-edge, for example, and advanced detection tools should be in place. Software run in the cloud doesn't need users to update it. Data should be recoverable even if one copy is corrupted.

Yet there are new concerns, too. With today's hybrid system, cloud-based software can propagate Petya or other malicious agents rapidly. A cloud outage can affect far more users than a cyber attack, as customers of Amazon found out in March when part of the company's cloud went dark. Companies may need to hire multiple cloud-services providers to minimize this risk.

And of course cyber criminals and unfriendly state actors will simply set their sights higher. After all, holding the entire cloud to ransom sounds a lot more lucrative than targeting any number of individual computers.

 

CONTEXT NEWS

- A cyber attack wreaked havoc around the globe starting on June 27, crippling thousands of computers, disrupting operations at ports from Mumbai to Los Angeles and halting production at a chocolate factory in Australia.

- The malicious code, believed to have first taken hold in Ukraine a day earlier, locked machines and demanded victims post a ransom worth $300 in bitcoins or lose their data entirely.

- While the malware seemed to be a variant of past campaigns, in part using code known as Eternal Blue believed to have been developed by the U.S. National Security Agency, experts told Reuters it was not as virulent as last month's WannaCry attack.

- The attack, a new strain of ransomware known as Petya, according to online security firm Symantec, was assessed by experts including Microsoft as more sophisticated, leading some to give it a new name or simply the moniker NonPetya.

- The introduction of security patches by Microsoft in the wake of the May attack that crippled hundreds of thousands of computers helped curb the latest malware, though its rapid spread underlined concerns that some businesses have still failed to secure their networks.

- Separately, package-delivery company FedEx on June 28 said operations in its TNT Express unit were disrupted after its information systems were hit by a virus attack.

- Earlier this month Reuters reported that the bosses of Wall Street banks Goldman Sachs and Citigroup had fallen victim to an email prankster who has also managed to connect with the head of Barclays and the governor of the Bank of England.

Latest stories