The overarching cybersecurity theme of summer 2017 is shaping up to be a widespread infosec talent shortage, set against the backdrop of fear that arose after the WannaCry ransomware threats. Adding to the chaos are predictions that more attacks are not only coming, but will be far worse when they hit.
That scenario is opening doors for managed security services providers, managed detection and response firms and virtual CISOs contracting with hospitals to keep them safe.
There have been times over the last two months when Golan Ben-Oni has felt like a voice in the wilderness.
On April 29, someone hit his employer, IDT Corporation, with two cyberweapons that had been stolen from the National Security Agency. Mr. Ben-Oni, the global chief information officer at IDT, was able to fend them off, but the attack left him distraught.
More than 80 percent of CISOs reported that some detected data breaches are going unaddressed, and 70 percent said it is difficult to prioritize threats based on business criticality, according to a new survey of 300 chief information security officers from around the world conducted by ServiceNow, an IT vendor whose products and services include security.
The large-scale WannaCry (WannaCrypt) ransomware attack that has crippled over 100,000 computer systems, primarily in health care, is a reminder of just how vulnerable the world’s computing infrastructure really is. But what’s most amazing about the attack is not its scale or the speed with which it spread, but how easily it could have been avoided.
Technology often marches ahead of the ability of government regulators to keep up. A prime example is the internet, which surged ahead in its formative days in part because there was an absence of red tape to hold back its pioneers.
Autonomous vehicles are another example. Researchers and industry are racing to develop, test and eventually market self-driving vehicles, from cars to trucks to small sidewalk delivery robots. The trick for government is how to monitor public safety without forcing unnecessary detours to innovation.
This isn’t my usual biotech beat, but compromising my computer can certainly affect the beat and I don’t like that. Over the last week, a nasty ransomware program infiltrated hundreds of thousands of computers in 150 countries. It affected 20% of hospitals in the UK and much more.
I don’t understand these misfits who do this; their effects can range from severe inconvenience to mass casualties. I know of a few professors who had their life’s academic work lost due to ransomware. And what about the patients in the UK hospitals whose telemetry suddenly stopped working while they were in intensive care?
Robert Gren was working from home on Friday when, all of a sudden, his laptop stopped working.
What he initially thought was just a kink in his computer’s software was in fact part of a global ransomware attack that has affected more than 200,000 computers and caused untold havoc from China to Britain.
The global ransomware attack called “WannaCry,” which began last week and continues today, could have been avoided, or at least made much less serious, if people (and companies) kept their computer software up to date. The attack’s spread demonstrates how hundreds of thousands of computers in more than 150 countries are running outdated software that leaves them vulnerable. The victims include Britain’s National Health Service, logistics giant FedEx, Spanish telecom powerhouse Telefonica and even the Russian Interior Ministry.
When the National Security Agency began using a new hacking tool called EternalBlue, those entrusted with deploying it marveled at both its uncommon power and the widespread havoc it could wreak if it ever got loose.
There’s a huge court case you need to hear about. It might not be on your radar yet because, frankly, some of it gets pretty technical. But the outcome is likely to have enormous repercussions for online privacy, net neutrality and the economy.