WannaCry Ransomware: It might seem unbelievable that we are still discovering security gaps in software that has been used for decades. Most of us would expect that, at least for software that hundreds of millions of people use every day, errors would be detected and corrected.
But the chaos caused by the WannaCry ransomware last week shows how difficult it is to ensure that things will not go wrong, even on a large scale, in even the most widely used software.
This is because software is seldom designed or written in isolation. Sometimes developers rely on old code written by others and link it to other systems that cannot even be built. The code is often written hurriedly by developers who intend to fix it later. And as business priorities change, the approach to coding must change too, whether that means the programming languages used or how projects are managed.
Rather than a pursuit of perfection, software development is more often a compromise. Think of an office building in the middle of a busy city: it may have to be built over old drains and underground railroads. The project manager hopes that the basement will not start flooding or, even worse, that the foundations will not rot and bring the building down.
This does not mean that software companies should give up: the importance of robust code and secure software only increases as software is used in everything from cars to medical equipment.
But writing code now and fixing it later no longer seems to be an option. It may be acceptable for unimportant software, but not for developers who build the critical systems we rely on every day.
Those who are not developers should also recognize the importance of creating and maintaining secure software by rewarding companies that make these standards a priority.
We also need to recognize that software will inevitably let us down occasionally. This may mean backing up systems and data, but above all it means being prepared for the worst. It also means that we need to better understand the risks we face.
Too many events combined to make WannaCry so aggressive: leaks of CIA hacking tools, vulnerabilities in older versions of Windows, unrecognized systems.
All the signs (see the WikiLeaks leaks of more CIA tools) indicate that more "storms" will follow, perhaps larger than the last one.
More “WannaCrys” are coming, and soon, so get ready.