The most recent news concerning the massive cyber-attack knocking down critical systems used by businesses, governments and hospitals throughout the world serves as a reminder that bureaucrats are largely powerless to predict and prevent these types of attacks. And as hackers become better at exploiting system vulnerabilities, cyber-attacks will only become more frequent and increasingly deadly in nature.
For now, there’s a great deal of finger pointing going on as the world attempts to figure out exactly who is responsible for the current virus outbreak.
But it’s looking increasingly likely that the hackers got the computer codes needed to cripple systems used by so many businesses and governments throughout the world from the National Security Agency.
Here’s a little background via The Wall Street Journal:
The attack involved so-called ransomware, in this case called WannaCry, that scrambled files, and asked for ransom of as little as $300 in the online currency bitcoin to decrypt them. The malware used vulnerabilities in Microsoft Corp. software and a tool that a group of hackers had previously made public, saying it had been pilfered from the U.S. National Security Agency. The agency has declined to authenticate the material.
In other words, the NSA (which exploits vulnerabilities in software to keep us all safe) provided hackers step-by-step instructions to install ransomware on critical computers because the agency isn’t even able to keep its own information safe.
NPR reported that the malware used to infect computers with the WannaCry virus was stolen from the NSA last month.
The agency and other U.S. intelligence outfits routinely come under fire from the world’s biggest technology and software providers for creating backdoors which massively compromise customer privacy without informing the businesses that the vulnerabilities exist.
Microsoft President Brad Smith said the cyber-attack currently underway is simply the latest development in this disturbing trend.
In a post on the company’s blog, Smith noted:
[T]his attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.
For the heads of tech companies like Smith, these government created problems serve as proof that the private sector must become more involved in protecting Americans from both bad actors and the unintended consequences of government meddling.
A Note from the Bob Livingston Letter™ research team:
In a world where technology is tied to almost every aspect of life, the private sector is looking into new ways to protect far more than just your home computer.
Attacks like the one currently grabbing headlines throughout the world are minor compared to what security experts consider the biggest threat hackers pose to the U.S.: The ability to shut down massive parts of our nation’s power grid.
Just last week, President Donald Trump ordered federal agencies and local governments to examine exactly how a massive cyber-attack on energy infrastructure would affect Americans and how government would go about addressing a massive shutdown.
But just as companies like Microsoft are far ahead of the government in figuring out how to protect users from malware, private energy firms began looking at ways to improve the nation’s power grid long before Trump’s order was issued. It’s a problem that government has been trying not to talk about for far too long, despite rolling warnings from these energy industry insiders.
It’ll take Trump’s order months, even years, to provide information on grid vulnerabilities via bureaucratic pathways. Fortunately, with a president in the White House who is keen on allowing the private sector to take the lead where government can’t, the growing energy security sector will be brought to the table pretty quickly.
These innovators are going to play a major role in improving the nation’s power grid and will become part of an energy security industry worth billions of dollars. Our researchers have watched this new sector emerge, carefully identifying the players best positioned to profit as the nation fixes its vulnerable power grid. To view our in-depth analysis of the perfect opportunities for contrarian investors to profit alongside these innovators, check out our recent special alert: The Real Hacker Threat.