The global malware escalation exposes entire governments
The latest global malware attack reflects an evolution of cyber warfare in which the communications of entire governments and countries can be crippled without recourse, says a leading computer security expert. While security firms and intelligence agencies continue to scramble to address Tuesday's attack, they have concluded that there is little or nothing to do about the data encrypted by the attackers.
Simon Crosby, chief technology officer at Bromium, a software security firm that works with companies including Microsoft and HP, says no virus protection program requiring human action will work against the malware. "It's now possible to cripple the response of a nation-state," he said.
The good news: New versions of Microsoft Windows 10 coming out later this year contain technology that protects against such encryption attacks by isolating the work someone is doing on a computer, says Crosby.
The bad news: Older versions of Windows are vulnerable and data encrypted by the attack is not recoverable — unless the attackers themselves free it up.
In a statement, Microsoft said the system is called Windows Defender Application Guard.
Crosby said the malware fix in effect creates an "isolation chamber," separating a person's work from the broader computer system. The only way to foil it, Crosby said, would be to break the brains of the computer, called the CPU, "and breaking into a CPU is massively hard. That's expensive for the bad guy."
Bottom line: Security has to be automatic and not rely on humans: "I don't think we can escape the humanity of the situation," Crosby said. "People have been fooled since Troy. You can't train the stupid out of me."