What the WannaCry cybercriminal has done that politicians have failed to do
While cybercriminals are motivated by money or notoriety, did the WannaCry hacker accidentally build political bridges, asks Tom Wright?
The fallout from this month's global ransomware attack is still not fully known, but what is undisputed is that its global reach is not like any cyberattack seen before.
It's also unique in being one of the few high-profile ransomware attacks that didn't see China and Russia minutes after it took place. Russia was itself a victim, confirming that over 1,000 machines in its interior ministry were effected.
In China, the government-owned petrol corporation reportedly saw 20,000 of its stations' terminals effected. More recent reports claim that over half the infected IP addresses were Chinese.
The sheer scale of the attack, and the countries impacted, has made it extremely difficult to find someone to point the finger at.
In a chat with CRN recently Sophos CEO Kris Hagerman raised the possibility that there was in fact no evil empire looking to cripple the planet - perhaps it was just someone looking to raise some emergency funds, only for things to escalate very quickly.
"What's fascinating to me is that the entire attack that has disrupted the planet generated about $50,000," he said. "That's unbelievable, and there is a lot of speculation..."
When you listen to the speculation, the theory makes sense. Would a blood-thirsty cybercriminal looking to take down enterprises and government departments across the globe really set up a Bitcoin wallet and expect to be paid? Would they really expect to be able to actually withdraw the funds unnoticed?
The $50,000 raised - while a relatively small amount in relation to the size of the attack - shows that some organisations will pay out in the hope of getting their data back. This, coupled with the ease at which ransomware-as-a-service providers can be located, proves there is a money making opportunity. If a cybercriminal was only in this for the money then surely a smaller attack would have sufficed and given them a far better chance of retrieving their earnings.
Hagerman elaborated: "We have a lot of researchers working on this, as other vendors do to, and it's quite possible that this entire attack was initiated by someone who thought that they would set some isolated, targeted brush fires and profit from them - but unwittingly released a global fire storm that's spread almost instantly across the globe and then consumed their own house.
"Whoever it is has, I'm sure, completely run for cover at this point."
If it truly was an accident, then perhaps the hacker deserves a certain amount of praise. You'd do well to think of another global event that has seemingly put every country on the same side of a controversy. Is there a country somewhere out there pleased that this happened? Perhaps it's a diplomatic masterstroke. For one week, at least, world leaders were seemingly dealing with the same global crisis from the same perspective as each other.
"I can't think of another human being on the planet who right now is being hunted by the Americans, the Chinese, the Russians, the British, the French, and every other major country I can think of," Hagerman said.
"Every major country views this person as a criminal, and I can't think of one other thing that all those countries agree on!"
So will the political Dark Knight take any applause for his selfless work? Probably not.
"Of course what this individual did was despicable, but if you think for one moment what it would be like to be this person?" Hagerman quipped. "You wouldn't want to be them.
"They're probably hiding in a bunker somewhere with every device that is even remotely connected to power… probably not only have they disconnected them they've probably smashed every outlet and destroyed every light bulb. They'll go into hiding for the next five years!"