Over the weekend hundreds of thousands of computers around the world were afflicted by ransomware called WannaCry that encrypts files and makes them inaccessible unless the owner forks over a Bitcoin payment. The ransomware exploited a bug in Microsoft software of which the company was aware and for which it had made available a patch. However, users had to download the patch, and for an older version of software, users had to pay for it, so many computers were still vulnerable. Although the hackers who distributed the ransomware are unknown, apparently they used an exploit codenamed ETERNALBLUE, originally developed by the NSA, to penetrate Microsoft’s software.
A computer security expert discovered a kill switch in WannaCry that stopped the program from spreading by diverting it to a dead-end on the internet, but there may be a variant that does not have the kill switch. It is unknown how far the program will spread or what havoc it will ultimately wreak. What is crystal clear, however, is what many computer experts have warned of for years: many of the world’s computers and much of the infrastructure, including the internet, is highly vulnerable to disruption or outright shutdown.
