It's ironic that the Internet and its predecessor, Arpanet, were designed to ensure that communications would be maintained, even in the event of massively destructive war, by re-routing around damage, yet by becoming the primary means of global communication upon which we all depend, it has made us more vulnerable to attacks, whether by teenagers, terrorists, criminals or state adversaries.
Over the last few days the apocalyptic prophecies of just how our modern world might crumble in a cyber-storm appeared to be coming to fruition. At health services around the UK, doctors and nurses lost access to critical data, causing A&E departments to close, operations to be cancelled, and patients to suffer – and even if no deaths have been reported (yet), lives were put at risk.
In addition, as the WannaCrypt0r 2.0 ransomware spread around the globe, production lines were shut down, banks and government departments hit, and remediation costs soared, put by some estimates at more than £100 million in the UK alone.
There are many lessons to be learned – the most urgent being: keep your software up to date, ensure you patch your systems, and always back up your data. And if you haven't already installed Microsoft's patch for the EternalBlue exploit (MS17-010) – do it now!
But beyond the immediate, there are longer-term lessons flowing out from the attack, which was indirectly caused by the NSA sitting on zero days to use as tools for cyber-espionage, which were then stolen by cyber-criminals, the Shadow Brokers, who then released them for all to use when their auction failed. And ultimately, criminals added them to their arsenal, notwithstanding Microsoft issuing a patch ahead of their release.
It's easy to understand why special services – from any country – might wish to hoard the means to undermine their potential adversaries. The argument against is not a moral one, but a practical one – that what could happen is what has just happened. If you do not report and fix weaknesses, you cannot be sure who will exploit them.
It's the same argument as that made against introducing backdoors to undermine encryption.
Either information is secure or it's not.
If you make it insecure for your ‘good purposes’, then it's also potentially insecure for the bad guys to make use of the same weaknesses.
The ongoing attack is too serious to simply describe as a ‘wake up call’ as its consequences are not yet known, but when the dust settles, let's hope we don't just go back to ‘business as usual’.