From Ransomware to Wiperware: The Politics of Analyzing a Cyberattack

by James Stanger | Jun 30, 2017

James Stanger speaking about CSA+ at the Churchill War Rooms in LondonOver the past few months, we’ve seen some major attacks and traumatic events worldwide. In fact, it seems that each time I stepped on or off a plane, some sort of major event had accompanied my arrival. For example, when I landed in Chicago last month, the WannaCry attack was all over the news, accompanied by political upheaval in the United States, France and the United Kingdom.

As I flew to London the next week, the London Bridge attack was already underway. People were still mourning the Manchester attacks, and fresh in my memory was the Westminster attack. In fact, that was the reason I was traveling to London. We had scheduled an event in March to announce the new CompTIA Cybersecurity Analyst (CySA+) certification at the Churchill War Rooms but cancelled it in the wake of the attack.

Next on my road trip was the Armed Forces Communications and Electronics Association (AFCEA) Conference in Baltimore, Maryland. There, my excellent teammates, Stephen Schneiter and Patrick Lane, and I put on a mini bootcamp for the CySA+ certification. It was also there that I heard about the strange results of the “snap election” that Teresa May called in the United Kingdom. It seems that I bring drama wherever I go.

And now, just as I got back from Tokyo, the Petya “wiperware” attack was unleashed on June 27. It’s been a busy, traumatic time that has put everyone on edge. I say “wiperware attack” because it seems that this latest attack really isn’t about generating revenue through ransomware. It’s about generating cyberterror through malware that irrevocably wipes data. Ransomware is designed to offer the hope that if someone pays, they’ll get their data back. This instance of Petya doesn’t even hold out that hope: it’s designed to deny any and all service that your computer can provide. It appears that the stakes have been raised. Lots of drama, indeed.

But, it hasn’t all been drama and trauma. In Chicago, we set the stage for a new, cutting-edge penetration testing certification that we’re calling CompTIA Penetration Tester (CPT+). CPT+ is similar to CySA+ in that it will cover intermediate-level skills in the CompTIA Cybersecurity Career Pathway, but it ​will focus on offensive skills rather than defensive. We expect to release the exam in 2018.

And that London trip I went on? I presented at the SITS Service Desk Show about essential skills for help desk workers and how they can actively participate in the cybersecurity kill chain. I also participated in a security roundtable with security experts from around the United Kingdom. It was an exciting time!

Jonathan Jenkins and Claude Williams of PhoenixTS standing behind the sign language interpreter

After a quick trip home to Olympia, Washington, I presented at another CySA+ mini bootcamp with Patrick Lane and Stephen Schneiter. We worked with Claude Williams and Jonathan Jenkins of PhoenixTS to help about 80 students prepare for the CySA+ exam.

Then, just to make sure that my jet lag wouldn’t catch up with me, I flew across the Pacific to Tokyo to speak at a seminar on how to build the ideal computer security incident response team (CSIRT). We discussed the specific skills that people need to respond to attacks most efficiently.

While there, I gave a press conference about the CySA+ certification and the importance of security analytics today and also spent a couple of hours with some excellent students at Niigata Computer College. We discussed IT security and their bright future, and in many ways, that was the highlight of my trip.

So, even as we see horrific and traumatic events take place, don’t get too distracted. Even though there is no “magic bullet” to fix our modern problems, we can all see that good people are working hard to respond to these attacks. We’re helping develop the IT workforce worldwide. I have the photos – and the frequent flier miles – to prove it.

Are we in the midst of an onslaught of unprecedented, destructive attacks? Yes. But we have also assembled the finest minds in business and academia to help manage these attacks. Think of how much worse things would be without all the fine partners we work with every day. At CompTIA, we’re helping corporations narrow the skills gap and hire qualified workers. It’s good to know that good people are working so hard to solve today’s post-modern security problems.

Leave a Comment

Boost your Career with a Certification

Find out more about our Certifications

How to get Certified

4 Steps to Certification

Already certified? Let us and others know!

Share Your Story