Wannacry, smoke and mirrors

Wannacry, smoke and mirrors

May 16, 2017
A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, U.S. May 15, 2017. — Reuters
A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, U.S. May 15, 2017. — Reuters

THE “Wannacry” computer bug has hit hundreds of thousands of computers around the world and according to the experts could strike many more. It is a “ransomware” worm which locks up computer systems and demands $300 for their release. Victims are told the payment required will double if it is not made within 48 hours.

Analysts in the US say the bug, which began to strike on Friday, is probably the work of a criminal organization. Coming from America, this is often shorthand for “Russia”. Yet independent reports suggest that thousands of Russian computers have also been infected.

Yet as dastardly criminal conspiracies go, “Wannacry” does not seem to be doing very well. The ransoms must be paid in bitcoins. Although the ownership of this cyber-currency is supposedly untraceable, transaction flows can be monitored. Thus it seems that around 160 victims have so far paid up but the total sum raked in by the criminals is only around $50,000.

Moreover, as with so much in the computer security world, there is probably a great deal in the way of smoke and mirrors going on here. “Wannacry” attacks only computers using Microsoft Windows systems. The Seattle-based company has issued an angry statement accusing the US government intelligence agencies of “stockpiling” an arsenal of cyber weapons developed around flaws discovered in computer operating systems and programs. Microsoft said the technique used in the “Wannacry” worm had been developed at the National Security Agency, from whose systems it had subsequently been stolen.

It is a given that governments around the world are busy developing aggressive programs that can be used to incapacitate the computer networks of rivals. The Stuxnet worm that targeted industrial systems and in particular the Iranian nuclear weapons program is generally assumed to have been developed in the US, possibly with help from Israel.

Modern war theory works on the basis that in time of conflict, disabling the enemy’s communications networks and operational systems at every level of its economy is a rapid way of moving to dominate the actual battlefield.

What is extraordinary is that the NSA, in its citadel of cybersecurity at Ford Meade in Maryland, should have had its own systems penetrated, apparently by a criminal organization. The NSA is still reeling from the leaks from Edward Snowden, the contractor it hired, who was able to smuggle out millions of top-secret files detailing the extent to which America was spying on its own people as well as close allies.

And yet, and yet… there is a strong suspicion that some computer bugs have in the past actually been launched from somewhere within the multibillion dollar computer security industry. The level of surveillance that governments must deploy to guard against terrorism and organized crime means that there is no such thing as a secure computer that is connected in any way to the Internet. But what is a sword to protect society from evil can, if it falls into the wrong hands, equally become a dangerous weapon.

The one certain outcome of the “Wannacry” worm is that all around the world more investment will be made in anti-virus software and regular system upgrades, while it is still just possible, given the relative financial failure of this ransomware, that the master cyber criminal will turn out to be another spotty youth working from his bedroom.


May 16, 2017
HIGHLIGHTS