Those patches signal problems that, before the patch is installed, can be momentarily exploited by hackers. In order to prevent software bugs and errors from posing a serious threat to our computers and networks, software vendors release security patches to fix emerging problems. One reason these precursor events occur is rather straightforward. Major cyber-attacks are often preceded by a chain of events and disturbances which, from a creeping crisis perspective, can be seen as precursor events and indicators of a deeper problem. Above all, these events demonstrate the need for a better understanding of the long-term processes that give rise to cyber crises. Due to their highly complex nature, they receive varying levels of attention from different actors. In contrast to conventional wisdom, cases like WannaCry are not exceptional events delimited in time and space, but rather permanent global threats that manifest themselves as seemingly acute crises (cf. Footnote 1 Drawing from the creeping crisis conceptual framework, the chapter argues that, despite their seemingly speedy and temporally delimited nature, cyber crises do not have a clear beginning or ending and may keep simmering long after the “hot phase” of the “crisis” is over (Boin, Ekengren, & Rhinard, 2020, p. Most analyses on the matter focus on cyber crises’ unprecedented speed, unpredictability, and delimitation in time. It makes use of the “creeping crisis” concept introduced in the first chapter, a concept that helps to reveal dimensions of cyber crises that are often overlooked or misinterpreted. With WannaCry as an indicative example, the chapter shows how cyber crises are “hiding in plain sight”, to quote the title of this volume. This chapter demonstrates our shallow understanding of cyber crises. Standing still, we might say, is falling behind in the pursuit of cyber security. You don’t want to let your guard down there” (p. As Middleton ( 2017) argues, “ we need to keep doing the same things we have been doing for many years in the realm of physical security. Software contains bugs and errors that can have serious security implications, since cyber criminals can exploit these bugs to gain unauthorized access to, and control over, a computer. This is a key point in understanding how the situation got out of control during the 2017 WannaCry attack. As in the physical world, cyberspace can never be entirely secure. Cyberspace is not an exception to the rule. No matter how many security systems we install in our homes, our banks and our businesses, there will always be the risk of criminal activity. These are just a few of the major implications of the WannaCry attack. The Russian interior ministry, railways, banks and phone operators all found themselves battling ransom demands (BBC, 2017). The multinational shipping company FedEx experienced widespread service delays. Red pop-up windows covered announcement boards at Deutsche Bahn stations. Hospitals and clinics in Britain were forced to turn away patients due to a lack of access to patient information. This “distributed denial-of-service” attack affected multiple systems across the world. The worm replicated itself within networks without user interaction (Europol, n.d.). These users had fallen victim to a ransomware “cryptoworm” now known as WannaCry, which allows hackers to encrypt user data. If users did not meet the deadline, the ransom would double if the payment was not made within seven days, the decrypted files would be deleted (Symantec, 2017a). The message was accompanied by a set deadline of three days: the user had to pay 300 USD ransom in the Bitcoin cryptocurrency to have their files decrypted. In May 2017, a large number of users booted their computers only to find this message on their screens.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |