Ransomware Everywhere: The WannaCry Attack and the State of Cybersecurity
Join Wilson Center Global Fellows Benjamin Buchanan and Tom Kellermann for a Ground Truth Briefing teleconference about WannaCry and the state of cybersecurity.
Event Sponsor
Overview
WannaCry has encrypted the data on thousands of computers in more than 150 countries in what officials describe as the biggest such attack in history. What do we know about the ransomware and its creators? What are the possible responses? What can this attack tell us about broader geopolitical dynamics and policy imperatives?
With the cybersecurity community and leaders in government and business still reeling, Wilson Center Global Fellows Benjamin Buchanan and Tom Kellermann addressed these questions and more in an in-depth Ground Truth Briefing.
Key Quotes
Benjamin Buchanan:
鈥淥ver the last year, the provenance and activities and behaviors of the Shadow Brokers are probably some of the most mysterious we鈥檝e seen in the cybersecurity landscape.鈥
鈥淲hat鈥檚 significant to me is that the geopolitical intrigue between the Russian Intelligence Service and the NSA (if it is, in fact, the Russians) is playing out with very practical effects for everyone else. If the Russians have burned this tool and released this tool as a warning shot to the NSA, it鈥檚 now being picked up by another actor and that鈥檚 being used to steal money for that actor and cause significant disruption.鈥
鈥淚f, indeed, it was North Korea, if this evidence does check out, then that鈥檚 significant. It鈥檚 another sign that the North Koreans are using cyber capabilities as a means of disruption and as a means, potentially, of funding their regime.鈥
鈥淲hat鈥檚 significant to me [about President Trump鈥檚 executive order on cybersecurity] is how provisional it is and how the bulk of the order is commissioning studies and reviews... This is an order that is not, by itself, incredibly significant.鈥澛
鈥淚f a hospital buys an MRI machine in 2006, it鈥檚 likely to have Windows XP on it. It鈥檚 very unlikely that the MRI has been updated in the past 11 years to something more secure, which makes it very susceptible to ransomware鈥 So going forward, in very critical areas like medicine鈥 I think it鈥檚 vital that we think about security from the ground up.鈥
Tom Kellermann:
鈥淲hat we鈥檙e experiencing here in cyberspace now, essentially, is the perfect storm.鈥
鈥淭he environment is becoming far more hostile, and insomuch as we appreciate that, hackers have really transitioned from burglary to home invasion鈥 The purpose of the targeting is not just theft anymore, but really, colonization.鈥
鈥淭he ransomware that was leveraged is really a precursor for what I think is soon to be more systemic, widespread, destructive attacks leveraged against the U.S. and its allies by nation-states like North Korea and Iran, who have now essentially taken the gloves off, as they have been fully armed by their Russian compatriots, and they now have access to weapons-grade munitions that were stolen from the NSA.鈥
鈥淲hy is it that we still haven鈥檛 allowed the NSA to take their gloves off as it relates to defending the U.S. against these types of attacks and campaigns outside of the U.S.? Why is it that the Russians have come at us full throttle and engaged actors like Shadow Brokers to do their bidding and utilize cyber criminals to leverage colonization campaigns inside our infrastructure and the NSA sits back and, really, watches?鈥
鈥淔rankly, many [experts]鈥 see this [attack] as almost a trial run. What鈥檚 more concerning to us are the other zero-days or the munitions that can鈥檛 be stopped by our current defenses that were stolen from the NSA. It鈥檚 a question of those being turned into worms in the future, in the coming days and weeks. What this [attack] illustrated, most importantly, was that society as a whole is still vulnerable to worms, and not just digitally vulnerable, but kinetically vulnerable to a cyberattack that could render transportation, healthcare, and things like finance useless.鈥
鈥淭he FBI is currently sitting on hundreds of thousands of bitcoins that they seized and they don鈥檛 have any idea what to do with it 鈥 [and they could put it] into some sort of superfund that could be doled out for critical-infrastructure-modernization and security. All that requires is not new legislation, but the modernization of forfeiture laws and the modernization of money laundering statutes.鈥澛
Moderator
Panelists
Ben Buchanan
Senior Faculty Fellow at Georgetown鈥檚 Center for Security and Emerging Technology (CSET) Assistant Teaching Professor at Georgetown University鈥檚 School of Foreign Service Former Postdoctoral fellow at the Belfer Center's Cyber Security Project, John F. Kennedy School Government, Harvard University
Tom Kellermann
Head Of Cybersecurity Strategy for VMware
Hosted By
Digital Futures Project
Less and less of life, war and business takes place offline. More and more, policy is transacted in a space poorly understood by traditional legal and political authorities. The Digital Futures Project is a map to constraints and opportunities generated by the innovations around the corner - a resource for policymakers navigating a world they didn鈥檛 build. Read more
Thank you for your interest in this event. Please send any feedback or questions to our Events staff.
