EXPERT REACTION: WannaCry malware holds the world to ransom

CC-0
Embargoed until: Publicly released:

Over the weekend, a huge ransomware attack, known as WannaCry, hit hospitals, companies and government agencies in dozens of countries. There have been suggestions that we haven’t seen the last of the ransomware. A computer security expert credited with stopping the spread of the ransomware on Saturday by activating a digital 'kill switch' warned yesterday that a fresh attack was likely. Below, Australian experts respond.

  • Location of Interest:
  • Australia
  • VIC
Australian Science Media Centre
  • Tech / Engineering / Space
Last updated: Tue 16 May 2017

Expert Reaction

These comments have been collated by the Science Media Centre to provide a variety of expert perspectives and reflect independent opinion on this issue. Feel free to use these quotes in your stories. Views expressed are the personal opinions of the experts named. They do not represent the views of the SMC or any other organisation unless specifically stated.

Mr Krishna Prasad is a Senior Lecturer in the School of Business and Law at Edith Cowan University

With growth in technology comes an increase in computer crimes and criminal activities. The global ransomware attack is a clear case of cyberterrorism. The perpetrators of such attacks create fear, destruction and disruption at the click of a button. Countries and security organisations must be more vigilant and prepared to thwart such attacks. More importantly, once such attacks occur, the challenge authorities and governments around the world face in dealing with cyber-attacks is their transnational nature and lack of a cohesive international legal framework to prosecute those responsible for such activities. Cyber-attacks are dynamic and hence the preparedness of our security and government agencies must also be dynamic. Such attacks are a reminder of the threats that accompany the use of modern technology. Society demands governments and security agencies develop a comprehensive response to wrestle such attacks that are proportionate and cost-effective. 

Last updated: 15 May 2017 3:12pm
Professor Asha Rao is Associate Dean of Mathematical Sciences at RMIT University

Holding people to ransom is not new – what is new is the reach that digital ransomware has. The usual suspect in people falling prey to ransomware is the phishing email, an email with the link that is tagged with malware – a virus or a Trojan horse – anything that will allow the sender to somehow take over your computer, email account etc. In the case of ransomware, the link usually results in your computer files being encrypted and the perpetrator asking for money to unlock your files. Regularly backing up your files, onto secure off-site storage (anyplace, like cloud storage - that is not your computer) will help individuals and companies achieve some hardening against such an attack.

Last updated: 15 May 2017 11:04am
Dr Mark Gregory is a Senior Lecturer in the School of Electrical and Computer Engineering at RMIT University

The global Wannacry ransomware attack highlights the need for cyber education, awareness and vigilance. Individuals and organisations should upgrade and update computers to ensure they have the latest operating systems and patches, install anti-virus software that has anti-malware and anti-ransomware capability and backup personal data often.

Global ransomware attacks are just the tip of the iceberg today and malicious attacks by global criminal organisations are occurring at an ever-increasing rate. Whilst the threat of becoming a victim of a ransomware attack is daunting we can take harm minimisation precautions. Computers need to be maintained and protected so it is important to check that regular updates are occurring.

The Wannacry ransomware is likely to be adapted and released again in coming days or weeks so it is vital that we take the time to ensure that we’re prepared. Government security agencies have collected a wide range of malware and ransomware now and new attacks are often carried out using an update of previously released code. For organisations, it is important to subscribe to organisations, like the Australian Cyber Security Centre, to receive threat notifications so that early action can prevent a threat from becoming an unwanted incident.

Last updated: 15 May 2017 10:58am