Security Expert Weighs In On Worldwide Ransomware Hack

May 13, 2017
Originally published on May 14, 2017 10:28 am
Copyright 2017 NPR. To see more, visit http://www.npr.org/.

SCOTT SIMON, HOST:

The cyberattack that crippled computer systems across the world yesterday has exposed vulnerabilities that security experts have warned about. And one of those experts joins us now, Matt Tait, the CEO and founder of Capital Alpha Security in the United Kingdom. Mr. Tate, thanks for being with us.

MATT TAIT: Thanks so much for having me.

SIMON: Were you surprised?

TAIT: Yes. So this particular vulnerability was a vulnerability that's actually been known for a while. It was attacked back in March. It was previously potentially used by the National Security Agency for espionage purposes, but ever since March it's been completely patched.

So people who've been using their modern operating system - so Windows 7 and so on or who've been keeping up to date with their Windows patches - should have been completely secure against this vulnerability. So the fact that so many organizations were vulnerable to this is quite a surprise.

SIMON: And is it over?

TAIT: So at the moment, we're it's still in the eye of the storm. Lots of computers have been infected. Lots of organizations are having to scramble to recover their files through backups and, of course, making sure that they patch their systems so that future waves of ransomware using this particular vulnerability won't further compromise these organizations.

SIMON: I have read that a 22-year-old researcher is the person who inadvertently perhaps stopped the attack, and I'm not sure that that reassures me if that's the case.

TAIT: So that's why - malware research actually based in the U.K. was reverse engineering the malware and discovered that by registering a particular domain that they were able to disable the malware very briefly. Unfortunately, this is a very temporary solution.

We're already starting to see that modified versions of this ransomware that don't query that particular domain are already in the wild. And this means that people can't, you know, just wait around. They do need to patch their systems. And they do need to do it today.

SIMON: Mr. Tait, as you see the world, what else is vulnerable out there, and what can we do about it?

TAIT: Well, at the moment, the real problem is whether or not people have been upgrading their systems and making sure that they've got their patches installed. They're really quite big organizations which have not been doing this, and they do need to be taking a step back and asking how they've allowed this to get to this state' cause this patch came out three months ago. And really, there's no excuse for these systems to still be online if they're not patching against these known vulnerabilities.

SIMON: And do you think as we get through the weekend that there's something that regular ordinary citizens ought to be aware of?

TAIT: At the moment, this is really going to be affecting businesses because businesses are the organizations that have all of these computers online. For people at home, this is going to be a little bit less of a hassle. Of course, it will be affecting businesses like FedEx. It will be affecting businesses like the National Health Service in the U.K. And people that rely on those services, of course, will be affected.

But for people at home, really the advice is to make sure that you've installed your Windows updates and to keep your anti-virus up to date. And really, that is the best way of keeping this type of malware off people's systems at home.

SIMON: Matt Tait is the CEO and founder of Capital Alpha Security. Thanks so much.

TAIT: Thank you very much.

SIMON: You're listening to NPR News. Transcript provided by NPR, Copyright NPR.