This was, truly, the cyberattack heard round the world. And to quote an old investing maxim, “You never know who’s swimming naked till the tide goes out.”
Lots of people and companies and governments across the globe showed that when it comes to cybersecurity, they’d been, well, rather … underdressed.
As the world dug out from the WannaCry debris, far flung corners showed damage. As reported by The New York Times, China showed some vulnerability, with universities and government agencies slammed, as they’d been reliant on pirated software as part of their everyday technologies. The workaday use of unlicensed Windows software, said cybersecurity research firm F-Secure, based in Finland, may have helped bolster ransomware’s reach, where on Monday it was reported that according to Chinese security outfit Qihoo, more than 29,000 firms had been hit. That’s at least partly because security patches had been missed — and as much as 70 percent of software in the country has been downloaded and installed and used without proper licensing. The Times noted that Russia follows with 64 percent and India at 58 percent.
All told, the malware pilfered from the National Security Agency touched 200,000 computers across 150 countries.
As far as Russia is concerned, the Times reported separately that the country was among those hit hardest by the initial flurry of attacks. The scope of organizations hit spread beyond the education sector and private firms, embracing cellphone operators and transportation bedrock such as railroads.
Reuters reported that the cost to all of these businesses could stretch into the billions of dollars — and one firm, Cyence, said that the total economic costs stemming from business interruptions could be about $4 billion.
It might not be too far-fetched to think that cyber insurance may become top of mind for companies. Reuters reported that it is the countries outside the United States that could be at risk of shouldering the financial fallout. The reason is due in part to the fact that nine out of 10 cyber insurance policies are carried in the U.S., as noted by Kevin Kalinich, who heads Aon’s cyber risk operations. The annual premiums paid by the firms come in between $2.5 billion and $3 billion, with the average breach coverage coming in at about $50 million.
Reuters said separately that banks have looked to gird their own technology and controls and protections in the wake of the attacks. Banks in Europe have sought to beef up cyber vigilance. Kenneth Gross, with the European Banking Federation’s cybersecurity group, said that the industry fears copycat activity. In Germany, savings banks are being reminded to install new updates, while other firms were sending workers in over the weekend to install patches.