Elaine Ou, Columnist

Don't Want Your Cyber Attacked? Move to the Cloud

The latest malware attack should motivate businesses to get their security act together.

June 28, 2017 at 2:59 PM UTC

Elaine Ou is a Bloomberg Opinion columnist. She is a blockchain engineer at Global Financial Access in San Francisco. Previously she was a lecturer in the electrical and information engineering department at the University of Sydney.

Data security, old school.
Photo: Evans/Three Lions/Getty Images

Provide news feedback or report an error

Site feedback:

Take our Survey

This article is for subscribers only.

Malware has yet again disrupted businesses around the world, just weeks after hackers used leaked National Security Administration tools in a global cyberattack called WannaCry. The ultimate target in both cases may be people's sensitive information -- a troubling reality that should finally motivate organizations to get serious about security.

Tuesday’s attack was more sophisticated than WannaCry, which took advantage of a Windows exploit to infect more than 200,000 computers in 150 countries (and which cost, by one estimate, more than $4 billion). Microsoft security researchers have traced the initial infection to a Ukrainian software vendor called M.E.Doc, which inadvertently released a malevolent update to its popular tax accounting software. When customers installed the automatic update, a piece of malware obtained passwords that were then used to gain access to other machines. The so-called Petya virus then locked users out of their computers and demanded $300 in bitcoin to get back in.