Someone had stolen never-before-seen hacking tactics from the National Security Agency and posted them online. Working in shifts for 36 hours straight, dozens of Alert Logic engineers in Houston, Belfast in Northern Ireland and Cardiff in Wales devoted their attention to analyzing the leaked computer code.
What they found could undermine the privacy of the crucial corporate files they protect for 4,000 media companies, retailers and app makers. They developed a way to stop their clients from falling victim to the spying and issued warnings to the public through blogs and social media.
Several security firms around the world echoed that sentiment, blasting alerts in mid-April instructing systems administrators to tighten defenses because the NSA leak was sure to lead to a cyberweapon, and signs of a brewing attack had emerged.
It’s clear the advice didn’t reach or sway everyone: The WannaCry ransomware offensive seized an estimated 300,000 computers last week, with repairs and other associated costs possibly running into the billions of dollars globally.
WannaCry illustrates the challenge faced by cybersecurity companies as data breaches, credit card theft and phishing become more common. Security researchers regularly sound the alarm — but they fear their warnings are getting lost in a sea of risks.
Timely, incisive articles delivered directly to your inbox.