2.5 Tracking a moving target

This section is part of the amber and green pathways.

Security is an ever-changing topic. New technologies are always being introduced and they bring new risks, or allow old threats to resurface in a new form.

Old technologies are retired by manufacturers, potentially leaving their users exposed to danger as bugs and security weaknesses remain unaddressed. And there are new threats being discovered every day, such as the WannaCry ransomware attack of 2017, or the more recent WastedLocker ransomware attack that shut down the services of Garmin (GPS and SmartWatch products manufacturer) in the USA in July 2020.

Ransomware such as WannaCry and NotPetya used vulnerabilities in Microsoft software. WastedLocker's spread was targeted. While the investigation is still ongoing, it is believed that one possible route for the ransomware was through hijacked newspaper sites. The malware on that site was used to infect select visitors with another malware that provided the route to install WastedLocker at Garmin. The ransom quoted was $10 million. Garmin’s services were restored after being shut down for three full days. There is no public confirmation that the ransom amount was paid.

In June 2020, the University of California at San Francisco (UCSF) paid a ransom of $1.14 million to decrypt the servers at the School of Medicine, after being hit by a ransomware attack on 1 June 2020. The ransomware, called Netwalker, is reported to target publicised vulnerabilities in widely used, outdated server software and weak passwords.

So, it is critical to ensure that the software components in use are all updated and patched for any security vulnerabilities.