Earlier in 2017, a hacking group by the name of Shadow Brokers published documents online which were described as being stolen from the NSA. The documents were packed with sensitive information which, most cybersecurity experts agree, could be used to infect a wide range of devices, including smartphones, laptops, and smart TVs, and extract valuable information from them.
On the 12th of May, a worldwide cyber-attack dubbed WannaCry infected over 200,000 systems running Windows, including some medical facilities in the US, as well as 48 hospital trusts in the UK. This is exactly why technology giants such as Apple, Google and Microsoft argue with various security agencies against the idea of installing backdoors in their devices and operating systems.
What is WannaCry?
WannaCry is malware, or to be more precise, a type of Trojan virus typically called “ransomware”. As you can see from its name, this is a type of virus which infects the operating system and encrypts all the files you have on your smartphone or computer. Once everything is completely encrypted, it demands that users pay a ransom in order to decrypt their files, with the WannaCry virus demanding a ransom of $300 delivered in bitcoins. If users fail to pay the aforementioned amount in three days, the ransom would increase to $600, and if the ransom isn’t paid after seven days, the virus would delete all the user’s data.
Who was affected?
Image source: MalwareTech
This malware surfaced more than a month ago, and security researchers have estimated that close to 300,000 devices were infected in the first 10 days. Information has surfaced that among the affected infrastructure there is a radiology device used in both U.K. and U.S. hospitals. This particular type of equipment, made by Bayer Medrad, is used to improve imaging. Specifically, it’s a type of device used to monitor a power injector that normally helps deliver the contrast agent. Fortunately, operations were restored in less than 24 hours before it could inflict any irreversible damage.
What does this have to do with Apple?
Law enforcement agencies have been trying for a long time to get their way into otherwise very secure apps, devices, and systems in order to “help their investigations”. A particular example of this behavior happened when the FBI requested Apple’s help to unlock an iPhone which belonged to the San Bernardino shooter. Apple CEO Tim Cook strongly opposed this from the get-go and repeatedly pointed out that installing a backdoor would critically undermine any encryption efforts, i.e. Apple couldn’t guarantee to its users that their files would remain encrypted and safe.
Furthermore, Cook said during an interview with ABC a couple of years back that if he and his chief engineers knew of a way to add a backdoor without actually exposing millions of personal files, they would most certainly do it. However, this is something that cannot be done safely at this moment, and as such, requires fierce opposition. Our computers and phones often have more information than our entire houses and often include matters such as social security numbers, private pictures, and various location data.
If we consider that the WannaCry ransomware originated from information leaked from the NSA, which hoarded cyber security vulnerabilities, even the biggest opponents of the moves Apple made in its battle against the FBI have to admit that those were the right moves. A backdoor into a device being used by millions of people worldwide, handed to state agencies that can’t protect their own systems from external attacks, is a ticking time bomb!
Is there a way to stop the virus?
Unfortunately, a fix for infected systems is not yet available, and cyber security and IT support experts have been working round the clock ever since the initial outbreak to decrypt the encrypted files. To prevent your system from getting infected by this pesky malware, make sure to install any available updates as soon as possible. Microsoft has also issued an additional security update for Windows 8, Windows XP and Windows Server 2003, so make sure to check their website if you’re using one of these systems.
Besides Apple, Google and Microsoft are both highly critical of this type of behavior displayed by the security agencies. Microsoft has even issued a statement where they publicly condemn the hoarding of vulnerabilities by agencies and governments. Snowden exposed the CIA for storing vulnerabilities some time ago, and now we see vulnerabilities being stolen from the NSA. Nothing can guarantee that some talented hacker would not use the security agencies’ access to millions of backdoors and wreak havoc.
In a movie-like turn of events, a young security researcher by the name of Marcus Hutchins inadvertently managed to slow down the virus by registering a domain name which was hidden inside the code of WannaCry in an effort to track its spread. This turned out to be a brilliant idea, as the virus has been significantly slowed down in its progress. At the time of writing this article, WannaCry is still infecting systems around the world.