In the aftermath of WannaCry Ransomware, our concept of the network has to change
By now, everyone has heard about WannaCry, the ransomware attack that made headlines on Friday May 12th and continues to show up in various forms. In a nutshell, this ransomware has impacted more than 200,000 systems worldwide and its variants are likely to continue to cause problems.
With organizations spending millions a year on security infrastructure, how could such an attack be carried out on such a vast scale? To answer that question, we should look at the past.
Well before the new millennium, Sun Microsystems coined the phrase, “The network is the computer,” and it perfectly encapsulated the era in which the local area network reigned. The state of the art in computing was in the power of sharing resources such as file and print servers on a LAN. Protocols including Microsoft’s Server Message Block (SMB) were developed primarily for LAN environments with an explicit assumption that the internal network was safe and protected from the outside.
Which brings us to this week’s news about the global WannaCry attack, which owes its rapid proliferation to SMB. Once the worm had breached the corporate network, it propagated laterally from one internal unpatched Windows system to another.