Besides the kill switch, the payment system was amateurish as well. Most ransomeware payment systems are automated, but despite designing something that would burn its way through the internet in record time, the purveyors of WannaCry set it up so that they’d have to deal with ransom payments and decryption individually. This does not scale to attacking the whole world.
Like most people in security, Suiche puts most of the blame on not patching and upgrading software. “Companies need to be better prepared with backup strategies and up to date systems!” he said. “We got lucky today because this variant was caught early enough that no further damages had been done, but we need to be prepared for tomorrow!”
But the sprawling companies that are vulnerable to attacks like this one have a fragile network not just of computers, but of contracts, vendors, service agreements, and customers who are deeply impacted by any downtime. No middle manager is eager to be scolded for systems downtime that may avert some abstract hacker threat in the future, and no one gets called into their boss’ office and patted on the back when WannaCry doesn’t hit their servers. Suiche says he understands that patching and upgrading is not easy on these complex systems, but “neither is trying to recover data on a quarter million systems. No solution is easy, people need to pick their battles.”