Friday’s massive cyber-attack that compromised tens of thousands of computers in almost 100 countries was the first of its kind, heralding a new chapter in cyber crime, cyber terrorism and cyber warfare. The unknown assailants launched a coordinated offensive unleashing ‘ransomware’; a type of malware that infects Windows computers and restricts access to users’ data unless a sum of money is paid in a certain amount of time. Failing to do this the malware, called WannaCry, then erases all data.
The attack affected the networks of hospitals, telecommunications, railways, power plants, ticket vending machines, government ministries, universities in addition to personal computers using a vulnerability in the Microsoft operating system that was first uncovered by America’s NSA. It affected computers in America, Europe, Asia and South America at an unprecedented scale. It was short of a fire-sale attack that would have crippled an entire country’s transportation, financial and utilities infrastructure.
One of the biggest casualties was Britain’s NHS (National Health Service) network that left tens of hospitals unable to provide services to patients with scheduled surgeries cancelled because doctors were unable to access pertinent information.
The irony is that the NSA itself was hacked in April and the culprits posted the tools that would allow others to hack into Windows computers online. To say that Friday’s event was a culmination of a year of server breaches that allegedly influenced the results of US presidential elections, among other things, would be an understatement. But it underlines the reality of the digital world we live in today and the complete reliance on the internet as a global network that has become the nervous system of every aspect of human activity.
The vulnerabilities of the digital global system that we have become part of are not new. From email scams to spyware to computer viruses to hacking, millions of users around the globe had fallen victims to individuals and groups, some associated with governments, who were able to keep up with and sometimes stay ahead of continuous security upgrades. Hacking cost the global economy $445 billion (Dh1.63 trillion) in 2016. Friday’s enormous breach proves what some experts, and science fiction writers, have warned of for a while; that no government, organisation or individual will be spared. Moreover, it further demonstrates that the likelihood of a devastating cyber warfare or cyber terror event that could claim innocent lives is stronger than ever.
Multi-billion dollar business
Protecting sensitive digital data is already a multi-billion dollar business. The global cybersecurity market is estimated to be worth $120 billion in 2017, compared to $3.5 billion in 2004. Banks and other financial institutions, which spend three times as much on IT security as non-financial institutions, remain helpless despite investing huge sums of money, almost 12 per cent of their budgets, on firewalls, encryption technology and various security systems. But even governments can lag behind in upgrading and updating their systems due to budget cuts and bureaucratic obstacles. One recent survey found that governments, in general, spend less than private companies on IT initiatives.
Remarkably, the US government will invest $19 billion on cybersecurity in 2017, up from $14 billion that was budgeted in 2016. But will this be enough to protect civilian and well as defence-related systems from hackers? One wonders how much investment is made by Arab governments in cybersecurity and if these governments have acceptable security systems in place to begin with. Ironically, under developed or developing countries, which are less dependent on digital networks, may prove to be more secure, for now, compared to more technically advanced countries.
But not for long! The global economy requires that central banks as well as commercial banks be online through sophisticated networks. Modern transportation systems, utility plants as well as medical facilities and defence structures cannot function without being part of a local or global network. That makes them susceptible to foreign and domestic cyber attacks.
Hackers have demonstrated time and again that they can cope with the fast evolving global IT culture. WikiLeaks would not exist if it was not for the internet and the tools it provides. Governments are setting up units that carry out cyber surveillance of individuals, groups and hostile entities. And terrorists too are using the internet to recruit, spread ideas and communicate among themselves. It is no wonder that the issue of online individual privacy has become contentious as governments try to reconcile it with the pressing factor of national security.
At a time when regional authorities are talking about setting up and institutionalising e-government, Friday’s cyber attack should bring the issue of cyber security firmly to the forefront. Digital data whether private, public or strategic must be protected from hackers, hostile governments and terrorists alike. Holding such information for ransom or worse is testimony to the uncertainty and precariousness of the digital age that we live in.
Osama Al Sharif is a journalist and political commentator based in Amman.
