The WannaCry malware attack has me thinking about cyber security and my exposure. I have at least one system in my home that is vulnerable to this attack and still needs to be patched. Fortunately it has been turned off for the last few weeks. Aside from my personal exposure, I have been researching efforts to fight and predict attacks. This blog post is dedicated to the security community and the fine work they do to stay in front of attacks like WannaCry.
Spy Vs. Spy
The latest attack was an example of ransomware, which promises to release the hold on a particular computer in return for compensation. In this case the ransom was the equivalent of $300 in bitcoins. The malware spread to computers in Europe and Asia until an analyst known as MalwareTech discovered a kill switch and disabled the attack, at least temporarily. MalwareTech and other analysts are constantly evaluating new threats and disabling them, often before they propagate and cause widespread damage.
With the proliferation of Internet of Things (IoT) devices, hacking has gone beyond traditional computers and spread to unsecured devices. Since IoT devices are by default connected to the internet and come with their own address, they are vulnerable to attack. Hackers attempt to control a device through security holes, and sometimes succeed. To combat this, applications such as Mirai were designed to act like malware but actually close security holes, at least temporarily. Technically, since the virus is spread without prior notification, it is still an example of hacking and therefore illegal. This is an example of “white hat” versus “black hat” hackers.
Predictive Cyber Security
I have written before about predictive analysis in conjunction with machine learning and AI. Using advanced algorithms, researchers are developing applications that can predict attacks based on patterns and previous system activity. With this information they can sometimes stop an attack before it breaches an organization’s defenses. Ideally this would stop every attack before it starts, but the algorithms are imperfect. With experience, these programs should combat most threats in the future.
Cyber security is complicated, and as quickly as analysts spot vulnerabilities, hackers are there to exploit those holes. There is a need for trained security analysts to build and maintain defenses in our automated world. It is hard to turn over control to robots, automated manufacturing systems, and self-driving cars when a security breach could leave us helpless. Certified security experts are needed to watch over our increasingly sophisticated computing ecosystem, as the recent attacks have shown. Do you think your organization is doing all it can to protect itself? Let me know your thoughts.
Kelly Brown is an IT professional and assistant professor of practice for the UO Applied Information Management Master’s Degree Program. He writes about IT and business topics that keep him up at night.