Global cyberattack provides a stark reminder of potential vulnerabilities, need for secure systems
Over the weekend, ransomware was activated across unprotected Windows computers located in more than 150 countries around the world. As a result, users of an estimated 300,000-plus computers were locked out of their data, which hackers said would be released at a cost of $300 in bitcoin currency, which allows recipients to collect anonymously.
Multiple media reports indicate that the ransomware exploited a vulnerability in Microsoft’s Windows operating system, using a tool developed by the National Security Agency (NSA) that was released to the public by WikiLeaks earlier this year. Microsoft issued a software patch to address the vulnerability a month ago, but the patch clearly was not installed by everyone for a variety of reasons, ranging from laziness to a need to avoid updates that would prevent old software applications from operating properly.
Known as WannaCry, the ransomware did not just hit individuals; many enterprises were victimized, including a host of computers associated with the health system in the United Kingdom—a circumstance that created myriad issues for medical staff and patients.
This unfortunate episode serves as yet another reminder that cybersecurity needs to be at the forefront of future developments, particularly as society becomes increasingly reliant on technology to do tasks that have greater importance.
No one is a bigger fan of technology than me—I love to learn about advances and am amazed by all of the innovations being developed by engineers, both from a hardware and software perspective. The functionalities and efficiencies that such solutions promise to bring to society are expected to be critical in the future, from drones to the Internet of Things (IoT) to a wide variety of analytics.
When functioning in harmony, these interconnected advancements should make life safer and more convenient. And the power of software allows many of these solutions to be updated and upgraded quickly, without the need to buy and install new hardware all the time.
But these characteristics also could prove to be problematic, as the latest cyberattack highlights. The WannaCry ransomware is able to spread throughout a computer system, searching for vulnerable devices to attack–users did not have click on a phishing e-mail to be victimized, according to security experts.
Not being able to access patient records was a huge problem for UK hospitals was a huge problem over the weekend, but the scenarios could be much worse in the future, when robotics could be used to perform increasingly important tasks. Similarly, wearable health devices offer tremendous promise to enable monitoring the condition of patients while having minimal impact on their quality of life, but the impact of a cyberattack—or even a unintentional “software glitch”—could have significant implications on a patient.
And the healthcare system is not unique in this regard. Advancements in remote-controlled drones and autonomous vehicles have the potential to provide tremendous convenience, efficiencies and safety, but the notion of a cyberattack or other disruption to the underlying communications networks—for instance, jamming of critical control signals—is frightful. It’s not hard to imagine how an orderly flow of traffic could turn into a demolition derby, if proper safeguards are not in place.
With this in mind, it is vital that the security of the supporting communications networks—both physically and in the cyber realm—is ensured when critical functions are performed. This is a notion that public-safety entities have embraced in the past, and it will be even more important as first responders transition to FirstNet and next-generation 911.
