Could the cyber attack have been avoided?
At least 200,000 users were hit on Friday when criminals paralysed computer systems in roughly 150 countries with a global cyber attack. The hackers exploited a security loophole in the Windows operating system and demanded ransom money in exchange for unlocking the data. Microsoft later claimed that the US intelligence agency NSA had withheld information on system loopholes. Europe's commentators ask what lessons can be learned from the events last weekend.
Intelligence agencies and Microsoft to blame
The IT specialist and former professor at Istanbul's Bilgi University Chris Stephenson explains the causes of the cyber attacks in T24:
“There's no super-brain or super-intelligent, malicious hacker behind these attacks; just the bad intentions of the intelligence agencies, the short-term interests of capitalist-minded governments, and of course the greed of Microsoft in wanting to capitalise even on its own mistakes. ... Another problem is that states now rely on the services of subcontractors in all areas. Even when it comes to security companies. And that explains a whole series of leaks in the US. Snowden, for example, worked for a subcontractor. And although it's not clear exactly how it happened, the NSA espionage programme was leaked by a group named Shadow Brokers in April 2017. The subcontractors are at the top of the list of suspects.”
Vital lessons to be learned
Three lessons can be drawn from the cyber attack, Der Standard writes:
“Firstly: despite numerous warnings, even large companies and important institutions have been too slow in activating the newest updates to close known loopholes. Secondly: this is also the responsibility of the software producers. Medical equipment can't be updated 'just like that' because other software programmes and complex systems are connected to it. IT companies must correct and simplify these procedures. Thirdly: the weapons were part of the NSA's repertoire. Once again an intelligence agency has preferred to exploit loopholes rather than report them. The Austrian army is also thinking about compiling loopholes which it euphemistically calls ‚active defense'. Political measures must be taken to stop that.”
Putin waging an IT guerrilla war
Huffington Post Italia suspects that the long arm of the Kremlin is behind the cyber attacks:
“The situation is so extraordinary because it involved the uncontrolled and simultaneous spread of a virus that stems from the software Eternal Blue, which the US intelligence agency NSA developed to pursue its own institutional objectives. A group of hackers purportedly financed by the Kremlin hacked into the NSA's security system and usurped and spread the malware. This raises the question: who is the NSA using Eternal Blue against, and for how long? ... Why wasn't the theft immediately reported with appropriate warnings? ... And: does Putin still have the hackers who he's long been grooming and financing under his control? How long can the international community allow Putin to wage a global IT guerrilla war with impunity?”
Digital hygiene concerns everyone
Without a minimum of digital hygiene even the best technology won't help, explains Spain's former secretary of state for security Francisco Martínez Vázquez in El Mundo:
“More important even than good technology is to raise public awareness of the growing and alarming problem of cyber security. The dissemination of certain digital hygiene measures is indispensable if we want to protect ourselves against the most worrying threat to our security. ... Cyber criminals attack hundreds of thousands of targets at the same time, mainly under the cover of anonymity and concealment offered by the deep web, and exploit the global omnipresence of the Internet.”