Wave of Ransomware Attacks Cripples Dozens of Institutions Worldwide Including Britain’s NHS
By Saad Gul and Michael E. Slipsky
Movie buffs are familiar with a favored narrative arc: something with tremendous power, such as the Ebola virus, escapes from its clinical confines and proceeds to wreak havoc on the world. (It also works with aliens, ghosts, and supervillains). A digital variant of this trope appears to be playing out in a global tsunami of ransomware attacks.
Hackers apparently using tools stolen from the National Security Agency unleashed a wave of attacks across the world, virtually crippling the U.K.’s National Health Service. Physicians faced blue computer screens with rows of white letters. British doctors have adapted quickly to the attacks, reverting to pen-and-paper and manual methods.
Dozens of other countries are affected as well. Cybersecurity firm Kaspersky Labs documented tens of thousands of attacks in 75 nations. The identity of the perpetrators was not clear.
However, the attacks highlight the tremendous vulnerability of critical systems around the world. All organizations, particularly where computer failure could be catastrophic in terms of loss of life, need to reevaluate their response plans to prepare for the unpleasant reality.
Because if nothing else is clear, it is that this digital genie is not going back into the bottle. It may not be visible. But it is persistent. And it will assuredly be back.
As I was going up the stair
I met a man who wasn't there!
He wasn't there again today,
Oh how I wish he'd go away!
When I came home last night at three,
The man was waiting there for me
But when I looked around the hall,
I couldn't see him there at all!
Go away, go away, don't you come back any more!
Go away, go away, and please don't slam the door...
Last night I saw upon the stair,
A little man who wasn't there,
He wasn't there again today
Oh, how I wish he'd go away...
Saad Gul and Mike Slipsky, editors of NC Privacy Law Blog
, are partners with Poyner Spruill LLP. They advise clients on a wide range of privacy, data security, and cyber liability issues, including risk management plans, regulatory compliance, cloud computing implications, and breach obligations. Saad (@NC_Cyberlaw
) may be reached at 919.783.1170 or firstname.lastname@example.org
. Mike may be reached at 919.783.2851 or email@example.com