The WannaCry ransomware attacks, which some experts tentatively attribute to North Korea, remind us again that malicious malware crosses borders without pause and has the potential to cause serious harm to friend and foe alike. Days after the news broke, 99 countries had reported attacks, including major disruptions at 16 of Britain’s National Health Service healthcare centers, Russia’s Interior Ministry, FedEx, and the Spanish telecom giant, Telefonica. Despite significant investment in network security, automated security patching by Microsoft, and the best efforts of computer emergency response teams (CERTs) and incident responders across the globe, WannaCry spread like wildfire, wreaking damage on those infected. Cyence, a cyber risk modeling firm, estimates the WannaCry ransomware caused $4 billion in damages in just a few days. The rapid and destructive spread of this ransomware highlights the need for a coordinated international response to large-scale cyber attacks.
The Trump administration’s newly-issued Executive Order on cybersecurity calls for public and private input on defending U.S. networks as well for an international cyber engagement strategy. The order is a small step in the right direction toward addressing systemic risk to the internet, but the time has come for real action. The interconnected and interdependent nature of today’s international system comes with it new risks of catastrophic failure and concrete steps must be taken to address them. This means better real-time coordination between a variety of security vendors, CERTS and internet service providers (ISPs), a stronger commitment to security from developers and end users, and better cross-border support between governments pulling in domestic private resources as needed.
Nowhere is this need more striking than in our alliance with Japan. The destruction of Sony’s corporate IT system in 2014 and the 2015 pension system hack in Japan serve as stark reminders of the serious threats the United States and Japan face. In the aftermath of the Sony attack, we know that North Korea — bent on developing a nuclear missile that threatens both nations — has the ability to launch a sophisticated cyber attack in conjunction with a conventional or nuclear strike. Similarly, we see Russia — accused of meddling in the 2016 U.S. presidential elections — incorporating crippling cyber attacks on communications, financial, and energy infrastructure into its military campaigns against Georgia and the Ukraine.