Blog / WannaCry could turn into something much worse - are we prepared?

WannaCry could turn into something much worse - are we prepared?

by SW Team

Last Friday, the world watched, stunned and helpless, as the massive cyber attack wreaked havoc on hundreds of countries and thousands of companies, causing billions of dollars in losses, both in terms of disruption and data lost forever.

The remedy is relatively simple: apply a security patch to Windows. But 'WannaCry' shouldn't remain a mere anecdote once the patch has been applied, but should serve to teach us all a lesson: we are vulnerable. It should be a reminder that the wolf is not just in Peter's imagination, it is real and it has a ferocious appetite.

What if WannaCry had stayed hidden?

Last Friday's cyber-attack gained notoriety precisely because its effects were visible to the users and companies that were affected. It could even be argued that the mass hysteria it caused at least served to make the world more aware of the threats and risks latent in the world of cybersecurity.

Hopefully, thanks to WannaCry, more companies will invest in protecting their infrastructure, in regular backups, in firewalls capable of blocking these threats, or at least in training their staff to prevent them. Hopefully it's been a powerful demonstration of how exposed we are and how much we still have to learn: not just because I fear a WannaCry 2.0, but because I fear a much more perverse and damaging variant: a silent attack.

We can only imagine what the consequences would have been if the attack had been aimed at stealing confidential information instead of ransomware: how much and what kind of data from Telefónica, the NHS and countless other companies would the attacker have been able to obtain? And what company would have dared to report the theft and alert the public?

I can assure you that in such a scenario, no one would have opened the news bulletins and front pages of the newspapers with the news. No one would have been shocked by the lack of security, and far fewer people would have taken seriously the latent threats to which we are exposed.

So if this incident has served any purpose, it is to alert us to the fragility of our digital ecosystem and the importance of working to improve its security. There will come a day when no one cries "the wolf is coming", but on that day, faced with a silent threat, we will survive or not, depending on whether we have done our cybersecurity homework beforehand.