Support the fact-based journalism you rely on with a donation to Marketplace today. Give Now!

Massive ransomware attack in Europe all but promises more to come

Kai Ryssdal and Molly Wood Jun 27, 2017
HTML EMBED:
COPY
DAMIEN MEYER/AFP/Getty Images

Massive ransomware attack in Europe all but promises more to come

Kai Ryssdal and Molly Wood Jun 27, 2017
DAMIEN MEYER/AFP/Getty Images
HTML EMBED:
COPY

Today in world cyber news, two major developments on the other side of the pond: the European Commission rules to fine Google 2.42 billion euros for antitrust violations, and another ransomware attack shakes Europe. Similar to the previous WannaCry virus attack that infected 300,00 computers worldwide, this most recent wave of viruses hit prominent European companies like Russian energy giant Rosneft, Danish shipping company AP Moller-Maersk and British advertising agency WPP. In order to better understand this newest attack, Marketplace host Kai Ryssdal called up senior tech correspondent Molly Wood. The following is an edited transcript of their conversation.

Kai Ryssdal: Give me the very quick ransomware explainer, would you?

Molly Wood: Yes. Ransomware is a type of cyber attack where a hacker breaks into a network or a system, locks it down, encrypts all of it so that nobody can get in, and then asks for money before they’ll unlock it.

Ryssdal: So now these companies have to deal with getting back control of their data. It doesn’t seem like there’s a rhyme or reason to the kinds of companies that are out there getting hit by this.

Wood: Yeah. I mean, I think the rhyme or reason seems to be companies that have vulnerable networks. What we’re hearing is that the tools that are being used in today’s attack are the same exploits that were used in the most recent ransomware attack that was called “WannaCry” that was primarily confined to the U.K. And look, this is the kind of thing that security researchers have been talking about for years, if not decades, which is that companies, utilities, banks, even governments — maybe even especially governments — are not ready. They are not prepared for this sort of next generation of hacking tools that, at this point, thanks to that big theft from the NSA, are freely available online. I mean, the hackers who broke into the NSA and stole their collection of hacking tools are essentially offering them up like a wine of the month club.

Ryssdal: Good line. Am I wrong if I say that this is becoming increasingly worrying?

Wood: Yes, that would be that would be a nice, calming way to put it. Yeah, I mean, I think for a lot of security researchers, the sense is that the worst-case scenario is here. It points to a lot of different things that are troubling. One is, spy agencies are stockpiling tools that can be used to break into systems, and those tools can be stolen and put into the wild. And we don’t know what’s happening on the networks that are currently locked down. I mean, the hackers could be using the ransom demands as a cover to be stealing all kinds of other things and set up for the next attack. So yeah, it’s worrying. It’s troublesome.

Ryssdal: Let me change gears on you here real quick and ask you about this Google fine from the European Commission this morning: $2.7 billion, as we’ve all heard. Interesting, isn’t it, that the European Union’s the one going after American companies for monopolistic and anti-competitive practices and not American regulators, huh?

Wood: Yeah, it’s definitely not the first time, and it’s sort of a growing trend. And people watching the tech industry have been asking for a long time, “Is this going to cross the pond? Is this kind of zeal for prosecuting these anti-competitive or antitrust behaviors going to come to the U.S.?” And I think that’s the real question, and that’s probably the only point at which you would see real change from these companies. But yeah, European regulators, I think, have said very clearly some of it is that these are big American companies who are coming in and trampling all over small European companies, unquestionably. And they have said, “We don’t think these companies have the right to behave however they want in service of making money.” That is not usually a line that U.S. regulators take. 

Want to hear more about the state of the world’s cyber security? Or curious about, say, the difference between the national debt and the deficit? Check out our podcast, Make Me Smart with Kai and Molly, where we talk about the economy, technology and culture, and the stuff that’s a little bit of all three. 

There’s a lot happening in the world.  Through it all, Marketplace is here for you. 

You rely on Marketplace to break down the world’s events and tell you how it affects you in a fact-based, approachable way. We rely on your financial support to keep making that possible. 

Your donation today powers the independent journalism that you rely on. For just $5/month, you can help sustain Marketplace so we can keep reporting on the things that matter to you.