In the UK, the biggest news on Friday was that our National Health Service's IT system had been "attacked". Not only were patients having to be turned away, but machines had stopped in the middle of making MRI scans etc. There was concern that patient records might have been stolen.
On the news, they keep saying that the NHS and other organisations had been "targeted". Reports tell of users of computers being "locked out" and that only paying the ransom gives you back "control" of the machine.
I think this is a misunderstanding of the situation. The media is obsessed with cyber "attacks" and "hacking", with shadowy governments and organisations "targeting" companies or political parties. As far as I can tell, the truth is far worse: this kind of ransom-ware is an indiscriminate infection rather than a targeted attack, and it doesn't just lock you out of your machine, it destroys your data (unless you pay the "ransom"). It could lurk on your machine for weeks transparently, without you realising that all your files were encrypted. Worst of all, if you think you are safe because you are backing your data up to other drives or the cloud, all of these backups can be being silently encrypted too. (Most cloud services allow you to roll back 30 days or so - meaning you have to know you have been infected within 30 days to get your precious files back. Some services allow you to pay extra for a year's roll-back.)
It doesn't seem too big a stretch to envisage companies being wiped out by such an infection, or even a situation where countries lose vital records of their citizens. Certainly the UK's NHS could have lost patient records because it has had fairly lax IT policies until now, and still uses Windows XP in places.
I hope they track down the people who did this.
On the news, they keep saying that the NHS and other organisations had been "targeted". Reports tell of users of computers being "locked out" and that only paying the ransom gives you back "control" of the machine.
I think this is a misunderstanding of the situation. The media is obsessed with cyber "attacks" and "hacking", with shadowy governments and organisations "targeting" companies or political parties. As far as I can tell, the truth is far worse: this kind of ransom-ware is an indiscriminate infection rather than a targeted attack, and it doesn't just lock you out of your machine, it destroys your data (unless you pay the "ransom"). It could lurk on your machine for weeks transparently, without you realising that all your files were encrypted. Worst of all, if you think you are safe because you are backing your data up to other drives or the cloud, all of these backups can be being silently encrypted too. (Most cloud services allow you to roll back 30 days or so - meaning you have to know you have been infected within 30 days to get your precious files back. Some services allow you to pay extra for a year's roll-back.)
It doesn't seem too big a stretch to envisage companies being wiped out by such an infection, or even a situation where countries lose vital records of their citizens. Certainly the UK's NHS could have lost patient records because it has had fairly lax IT policies until now, and still uses Windows XP in places.
I hope they track down the people who did this.