Responding to Attacks with Information Sharing

On Friday, May 13, networks across the world were hit with one of the most malicious and far-reaching ransomware attacks in history. The attack, named WannaCry or WannaCrypt, impacted over 150 countries across the world. Ransomware attacks are a malicious software that encrypts files from its victim’s system and demands a payment, or a ransom, to release the files. If this ransom isn’t paid, the victim risks a higher fee or losing their files entirely.

The Washington Post reported that a 22-year-old cybersecurity researcher found a “kill switch” for the malware attack that led to a slowing of its proliferation. After reviewing and analyzing the malware, this young cybersecurity professional purchased a domain that effectively stopped a variant of the attack in its tracks. The spread of this ransomware has slowed dramatically over the weekend and officials are continuing to analyze the anatomy of the malware to determine if future attacks are viable. The attack took advantage of a Windows vulnerability discovered earlier this year. Officials have recommended immediately installing the latest patch, which was pushed out in March 2017, to prevent future attacks,

Microsoft President Brad Smith spoke to the severity of the WannaCry in a blog post on Sunday. “The governments of the world should treat this attack as a wake-up call,” Smith explained. “We should take from this recent attack a renewed determination for more urgent collective action. We need the tech sector, customers, and governments to work together to protect against cybersecurity attacks.”

As attacks similar to WannaCry threaten the security of our nation and the world at large, information sharing will continue to play a critical role in protecting, securing, and ultimately defeating these threats.

Information Sharing and Analysis Organizations (ISAOs) are designed to widely and rapidly propagate critical cybersecurity threat and incident response information across numerous communities of interest. This construct ultimately make communities, the nation, and the world a safer place.

“Information Sharing and Analysis Organizations (ISAOs) provide a framework for the global community to come together to prevent and defend against these attacks,” according to Dr. Greg White, Executive Director for the ISAO Standards Organization. “ISAOs are designed to regularly discuss and address cybersecurity threats while providing critical knowledge to members to help prevent potential attacks.”

To view more resources and learn more about starting or joining an ISAO, please visit ISAO.org.

The ISAO Standards Organization

About author

The ISAO Standards Organization is a non-governmental organization established October 1, 2015, and led by the University of Texas at San Antonio (UTSA) with support from LMI and R-CISC. Our mission is to improve the Nation’s cybersecurity posture by identifying standards and guidelines for robust and effective information sharing and analysis related to cybersecurity risks, incidents, and best practices.