World­wide at­tack de­mands col­lab­o­ra­tion

The Hamilton Spectator - - OPINION - Howard El­liott

Surg­eries at some Bri­tish hospi­tals were can­celled. De­liv­er­ies by FedEx were dis­rupted. In Spain, gas com­pa­nies and tele­coms were hit. Some car fac­to­ries in France had to stop pro­duc­tion. One-thou­sand com­put­ers in Rus­sia’s in­te­rior min­istry were in­fected.

And, ex­perts say, that’s what get­ting lucky looks like. This week­end’s in­ter­na­tional cy­ber­at­tacks could have been so much worse. But for the ac­tions of a young cy­ber re­searcher in Bri­tain, who found a ‘kill switch’ in the Wan­nacry ran­somware, this story could be much scarier. How bad? Bri­tish nu­clear sub­marines use the same ver­sion of Win­dows that was vic­tim­ized by the at­tack. Pic­ture what could hap­pen to sub­marines armed with nu­clear weapons if their com­puter con­trols were frozen in mid-op­er­a­tion.

This isn’t sci­ence fic­tion. Cy­ber crime and ter­ror­ism are tak­ing on new and fright­en­ing di­men­sions. Hys­te­ria is un­needed and un­wise. Ex­treme con­cern is not.

Com­puter gi­ant Mi­crosoft says the at­tack should serve as a wake-up call. Let’s hope Mi­crosoft is look­ing in the mir­ror when it says that, con­sid­er­ing that it was a se­cu­rity flaw in a re­cent Win­dows re­lease that was ex­ploited. The com­pany is­sued a patch but many com­put­ers had not been up­dated. The weak­ness is thought to have been dis­cov­ered by the Amer­i­can Na­tional Se­cu­rity Ad­min­is­tra­tion.

And yet, 200,000 peo­ple in more than 150 coun­tries were caught flat-footed. That’s not the worst part. One threat has been neu­tral­ized, but even the cy­ber sleuth who dis­cov­ered the fix has wor­ried aloud that the hack­ers will sim­ply find a new way to en­able the ran­somware. Plug another hole, and they’ll come up with another new threat. The fin­ger in the dike ap­proach will not work here. That has ex­perts like aca­demic and writer Zeynep Tufekci sug­gest­ing that the world needs a “com­plete over­haul of how tech­nol­ogy com­pa­nies, gov­ern­ments and in­sti­tu­tions op­er­ate and han­dle soft­ware.” And it has to hap­pen at the high­est lev­els where re­sources are avail­able. The re­spon­si­bil­ity can’t be left for cash- and re­source-strapped agen­cies such as Bri­tain’s Na­tional Health Sys­tem.

At ev­ery level, we need a new, proac­tive and col­lab­o­ra­tive strat­egy to deal with this sort of threat. Set aside pro­tect­ing turf and pro­pri­etary con­cerns.

This is hardly the first such at­tack, al­though it may be the most wide­spread, which means the stakes are higher. We’ve heard all these warn­ings be­fore, but noth­ing has come of them. We sur­vive the cy­ber­at­tack and things pretty much re­turn to nor­mal, which is to say, leav­ing our­selves vul­ner­a­ble to another such at­tack, or some­thing even worse.

Gov­ern­ments and the cor­po­rate world must stand to­gether on this. If not, Tufekci and oth­ers warn, the con­se­quences, sooner or later, will be “un­think­able.”

Newspapers in English

Newspapers from Canada

© PressReader. All rights reserved.