On the 12th May 2017, the world of cyber security was rocked by the WannaCry ransomware attack. It was the first time that a ransomware attack had entered the public’s consciousness on an international scale, with 24-hour mainstream news coverage detailing the nature of the attack, its subsequent fallout and the analysis that followed.
This blanket coverage required comment from security experts who were asked what had happened, why it had happened, who was to blame, how it could be prevented in the future and the ramifications of the attack.
It was a huge opportunity for security companies to push their experts into the spotlight, not only to answer these questions but also to emphasise the importance of preventative measures. The implication, although rarely explicitly stated, is that their company can provide assistance.
At Apollo Research, we closely monitor security news stories from around the world, and in May we took a look at the spokespeople/experts who received the most coverage. The top 10 in the USA are listed below, but if you want to see the top 50 in the USA and UK and the top 20s in France and Germany then you can download the report here for free.
The top 50 security spokespeople/experts in the USA in May represented 40 different companies. Only six of those companies had more than one representative, with Google having the most at five (three in the top 10).
Six of the ten listed in the chart above received most of their coverage in WannaCry related articles.
The most prominent was Brad Smith, SVP and General Counsel for Microsoft. When WannaCry hit the headlines, Microsoft were immediately under the spotlight because the malware exploited a vulnerability in the Windows operating system. Two days later, Smith wrote a post on Microsoft’s blog pointing out that the vulnerability had actually been patched in March. But the part of his blog that received the most attention was when he pointed out that the National Security Agency had, through its negligence, been complicit in this attack, because the tools used to bring down organisations around the world had been stolen from the NSA by the hacking group, The Shadow Brokers.
The post was a PR masterpiece in that it not only deflected the heat from Microsoft onto those organisations who fell victim because they hadn’t installed the updates but, crucially, also exposed the role that a government agency, the NSA, played in the attack.
Amongst the others who featured prominently as a result of WannaCry was Matt Suiche, founder of Comae Technologies, who not only discovered a kill switch for a strain of WannaCry but also developed a utility which decrypted files that the malware had encrypted.
Others provided insight on subjects such as where the ransomware originated from (Neel Mehta), tracking the Bitcoin ransom payments (Steve Grobman), the size of the attack (Costin Raiu) and new variants of the malware (Ryan Kalember).
Tavis Ormandy and Natalie Silvanovich of Google were in the list thanks to discovering a vulnerability in Microsoft’s Malware Protection Engine, which Ormandy described on Twitter as “crazy bad”, a phrase that captured the attention of tech writers around the world.
Eugene Kaspersky was busy as he defended his company against recommendations by the FBI to the Senate Intelligence Committee that Kaspersky Lab products should not be trusted because of the company’s alleged links to the Kremlin.
The cyber security industry has taken the role of the company spokesman to a different level. We still see them in the traditional roles of damage limitation and product/company promotion. Increasingly, though, we see them in the industry analyst role, where they offer insight and advice on the abundant cyber threats that we face in both our personal and business lives. This adopted analytical role should not be underestimated in its power to enhance the authority and trustworthiness of the organisations that employ them.
If you’re interested in who else was listed in the top 50 in the USA and UK and the top 20 in France, Germany and Spain then download the free report from the Apollo Research website.