No one could prevent another ‘WannaCry-style’ attack: DHS Official
The U.S. government may not be able to prevent another global cyberattack like WannaCry, a senior cybersecurity official has said.
Jeanette Manfra, the assistant director for cybersecurity for Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), that the 2017 WannaCry cyberattack, which saw hundreds of thousands of computers around the world infected with ransomware, was uniquely challenging because it spread so quickly.
“I don’t know that we could ever prevent something like that,” said Manfra, referring to another WannaCry-style attack. “We just have something that completely manifests itself as a worm. I think the original perpetrators didn’t expect probably that sort of impact,” she added.
The WannaCry cyberattack was the first major global security incident in years. Hackers believed to be associated with North Korea used a set of highly classified hacking tools that only weeks earlier had been stolen from the National Security Agency .The tools allowed anyone who used them to infect with a backdoor thousands of vulnerable computers. That backdoor was used to deliver the WannaCry payload, which locked out users from their own files unless they paid a ransom.
Making matters worse, WannaCry had wormable properties, allowing it to spread across a network and making it difficult to contain.
Although the National Security Agency never publicly acknowledged the theft of its hacking tools, Homeland Security said at the time that users were “the first line of defense” against the threat of WannaCry. Microsoft released security fixes weeks earlier, but many had not installed the patches.
“Updating your patches would have prevented a fair amount of people from from being a victim,” said Manfra. Yet data shows that two years after the attacks, more than a million computers remained vulnerable to the ransomware.
Manfra said “bad things are going to happen,” but that efforts to mobilize government and the private sector can help combat cyberattacks as they emerge.
Manfra’s remarks came just weeks after her department warned of a new, emerging threat posed by BlueKeep, a vulnerability found in Windows 7 and earlier, which experts say has the capacity to trigger another global incident similar to the WannaCry attack. BlueKeep can be exploited to run malicious code — such as malware or ransomware — on an affected system.
Like WannaCry, BlueKeep also has wormable properties, allowing it to spread to other vulnerable computers on the same network. It’s estimated that a million internet-connected devices are vulnerable to BlueKeep.
An expert says, nothing is secure in this world of digital and the social media make more vulnerable, If the software can make certain things for convenient and others can break it, the culprit is not only the hackers but also the security companies , Coders and software experts.
Now a question comes on , while Enterprises today are spending money on things like antivirus and firewalls and intrusion detection and prevention systems for their network. But what do you do if any of that fails? Many enterprises has come up recently at the global level to protect the security, but seems they are failed. No one has the correct measure to protect, still few enterprises share value is skyrocketing ,whereas, some are also getting merged or closed their operations.