So I would guess that many of us are now aware of what ransomware is. Following the attack on Friday 12th May which spread to 150 countries and infected over 230,000 computers, it's clear that many organisations are still unprepared for cyber incidents, and it highlights the escalating challenges facing those of us who work to protect vital systems from ever more innovative types of cyber crime.
The WannaCry ransomware, which exploited a flaw in Microsoft Windows systems, wasn't even that sophisticated. It simply combined two types of malware (ransomware and a worm) to go about infecting computers. Cyber criminals primarily rely on out-dated IT infrastructure, unpatched vulnerabilities and the complex inter-connectivity of organisation-wide IT systems to spread the malicious code with frightening speed.
The question consequently has to be asked - is all this interconnection possibly leading us to a place we don't want to go to? Are we truly ready for smarter ways of living? Although we have had computer systems connected to public networks for decades now, the new trend towards the creation of 'smart cities' has meant that a host of technological developments have been rapidly deployed to solve age-old problems such as traffic congestion, energy efficiency and urban planning, but without much thought about the security this entails.
In 2014, security researchers at the University of Michigan successfully hacked nearly 100 traffic lights connected to a wireless network. Many of the devices used in the network were poorly secured - such as having default usernames and passwords that were available for anyone to see on the manufacturer's website - but perhaps the more worrying conclusion was that the authors found that vulnerabilities of the system were 'not a fault of any one device or design choice, but rather...a systemic lack of security consciousness'.
It's not just traffic lights, either. Around midnight on April 7th 2017 all 156 sirens of the Dallas Storm Warning System started blaring across the city, once again demonstrating that public infrastructure systems are vulnerable to attack. What might have started as a prank ended with the city's 911 call centre grinding to a halt as worried locals jammed the phone lines. That's a city of over a million people not able to get access to the emergency services, all because someone worked out that a radio signal could be used to mimic the siren's system and trip the emergency alert mechanism.
Cities all around the world are starting to become much more reliant on 'smart' technologies to improve the lives of residents and streamline services. Smart metering is already helping to reduce electricity consumption and personal water waste in homes across the UK, and new data-driven traffic systems will undoubtedly help reduce CO2 emissions by utilising artificial intelligence to decrease traffic congestion.
Many of us are already well and truly on our way to living 'smarter.' Keyless cars with Wi-Fi hotspots, driverless cars, intelligent parking meters, smart energy meters, heating and air-conditioning controlled through your smartphone. The possibilities seem endless - there's even such things as 'smart' light bulbs and hairbrushes. It's not surprising that the global IoT footprint is predicted to grow to over 50 billion connected devices by 2020. But fundamentally all this interaction needs to integrate with so many different connected platforms that serious security challenges certainly lay ahead. Unless we start to take security seriously - by, for example, making sure IoT devices are designed to be secure from the outset - we are risking much more than just a temporary loss of service.
The idea of living in cleaner, smarter, more efficient environments is undoubtedly pretty exciting. However, in the race to make all things smart and interconnected, has a raft of potential security vulnerabilities been introduced and simply overlooked? Marrying a variety of old legacy systems - such as those that run on Windows XP, which WannaCry took over with ease - with new, bleeding edge technologies might continue to be the perfect recipe for further cyber exploitation. With poor security standards on the devices used to connect these systems, and the increasing availability of sophisticated hacking tools on the Dark Web, we could be facing a future where smart cities can be used as a tool against us.