I was sitting in a hotel in Budapest when I first heard about the latest ransomware attack that hit Europe. Not exactly the kind of news you want to hear about a few hours before you are preparing for a long day of travel and not knowing what systems might be affected.
I don’t think there is much that I can write directly about Petya/NotPetya that hasn’t been said – especially since I haven’t had much time to study the story in the depth I usually do before coming to write here. Yet the ransomware attack reminds us of something important: Cyberattacks are often global events and it doesn’t matter where you are from, we all tend to have poor cybersecurity practices.
We tend to talk a lot about how countries attack each other. We don’t often talk about cyberattacks coming from individuals or specific organizations. Instead, an attack comes from Russia or it comes from China or it comes from fill-in-the-blank country. (And yes, as I was reminded this past week, cyberattacks come from the United States, too.) There are times when this is happening, that it is a nation-state attack from one country to another. But have we reached a point where we need to look at the universality of cyberattacks, where we are all equally at risk of becoming victims and being affected because of a minority of bad actors who happen to live in a particular country or region?
Some security experts think that we are just beginning to see the devastation of global attacks, and CNET gives one explanation of why:
Ransomware has been around for years but generally only targeted individual networks, like a single hospital or person. But after the Shadow Brokers hacker group leaked National Security Agency exploits in April, cybercriminals were handed a much more dangerous weapon. . . . The NSA's EternalBlue exploit, which took advantage of a Windows PC's ability to quickly spread files across a network, is the ammunition that powers both WannaCry and GoldenEye.
I think we also see how we play a role in global cybersecurity and global cyberattacks. As I said, it doesn’t matter where we live; we all share the same bad habits when it comes to protecting our data. As Mike Pittenger, VP of security strategy at Black Duck Software, commented in an email, this latest ransomware attack is an example of what happens when a patch was “pushed” to the users, but many users neglected to install the patch.
And the malware is getting easier to pass along. As the folks at AlertSec mentioned in an email to me, the recent global cyberattack is believed to have originated in an unknowing third-party company. That means an entity that does business with the primary target was used to pass along the virus that eventually crippled businesses throughout Europe and this level of sophistication in cybercrime highlights the need for a complete IT security chain.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba