A day before a global ransomware attack crippled the National Health Service in Britain and struck Russian government offices as well as institutions in dozens of other countries, President Donald J. Trump signed an executive order instructing federal department heads to focus on strengthening cybersecurity, with an eye toward protecting critical national infrastructure like the power grid.
Some are now wondering if the order comes as too little, too late.
Cyber security experts say that the ransomware attack, which spread quickly and struck dozens of countries, will certainly not be the last. And in fact, what the world witnessed on Friday may be just a small-scale dry run for what’s to come.
What’s even more ironic is that the malware, called “WannaCry,” was stolen from the National Security Agency, a finding that will no doubt anger more than a few governments affected by it.
As reported by The Washington Post, the ransomware tied up “critical systems in hospitals, telecommunications and corporate offices” with “tens of thousands of computers in dozens of nations affected.” The attack was especially widespread in Europe, Asia and Latin America, the paper said.
Cyber security experts reported that the malware exploited a flaw in Microsoft software that the company attempted to patch in March. However, it became obvious on Friday as the attack spread that scores of users had not installed the fix. (RELATED: Trump signs order instructing federal agencies to prepare for cyber attacks on power grid)
The malware was stolen from the NSA and leaked online by a criminal organization known only as Shadow Brokers. The Microsoft flaw was described in documents stolen from the NSA.
“When people ask what keeps you up at night, it’s this,” Chris Camacho, the chief strategy officer at Flashpoint, a New York security company following the attacks, told The New York Times.
This particular malware attack was circulated via email. Ransomware works by immediately encrypting all data on a computer and then locking the user out after the email is opened. It then demands that users pay a ransom in order to have their files and computer unlocked. In Friday’s incident, the attackers demanded about $300 to unlock data.
As reported by the Washington Free Beacon, Trump’s order holds agency chiefs and department heads accountable for upgrading and protecting their information technology systems against cyber attack. The website noted the White House and U.S. intelligence services, as well as the head of the NSA and U.S. Cyber Command, Navy Adm. Mike Rogers, have become increasingly concerned that American infrastructure – banking, mass transit systems, hospitals and the power grid – are susceptible to malware attacks.
“Infiltrations in U.S. critical infrastructure — when viewed in the light of incidents like these — can look like preparations for future attacks that could be intended to harm Americans, or at least to deter the United States and other countries from protecting and defending our vital interests,” Rogers told Congress in testimony on Tuesday.
“We assess that several countries, including Iran, have conducted disruptions or remote intrusions into critical infrastructure systems in the United States,” he said.
Iran attempted to infiltrate U.S. financial institutions and other infrastructure, including a dam in upstate New York, in recent years. (RELATED: Russian Hackers Have Burrowed Into Critical U.S. Infrastructure Like The Electric Power Grid, Says Intelligence Director)
Right now, the goal of these attacks is to extract money. In future attacks using ransomware, experts believe that corporations will be the primary targets, and that ransom demands could be in the hundreds of millions of dollars, collectively.
But what happens if a hacktivist group using stolen NSA software attacks Western and U.S. nuclear plants – and doesn’t ask for money, but something else entirely, like the global destruction of all nuclear weapons or a particular country’s nuclear weapons, with non-compliance leading to massive nuke plant meltdowns?
Either way, there is no reason to believe attacks like the one that occurred Friday are a one-off.
“There is going to be a lot more of these attacks,” Camacho told the Times. “We’ll see copycats, and not just for ransomware, but other attacks.”
J.D. Heyes is a senior writer for NaturalNews.com and NewsTarget.com, as well as editor of The National Sentinel.