In May 2017, the computer virus known as WannaCry spread across the globe like wildfire, infecting hundreds of thousands of computers. Using a type of infection known as ransomware, the virus locked and encrypted files on the affected computers so they could not be accessed. Messages demanded that users pay $300 in digital currency in order to have their computers unlocked. The unknown perpetrators stated that if the ransom wasn't paid within days, the required payment would double, and after a week, the files on the infected computer would be wiped clean.
Before the attack was stopped, more than 300,000 computers in 150 countries were affected. The attack caused disruptions in hospitals, public transportation, banks, and telecom providers.
In mid-December, the Trump administration blamed North Korea for the attack, and the U.S. Department of Homeland Security revealed that tech giants Facebook, Inc. (NASDAQ:FB) and Microsoft Corporation (NASDAQ:MSFT) had disabled a number of new cyberthreats in recent weeks.
The two companies that might normally be considered competitors in the tech arena collaborated with "others in the security community," though the other players weren't identified.
In a White House news conference, homeland security advisor Tom Bossert said that "Facebook took down accounts that stopped the operational execution of ongoing cyberattacks and Microsoft acted to patch existing attacks, not just the WannaCry attack initially." Bossert chose not to elaborate on the nature of the other attacks.
Both companies confirmed their role in the action. Facebook said that it deleted accounts linked with the hackers "to make it harder for them to conduct their activities." The hacking collective, known as the Lazarus Group, had a number of fake personal profiles that it used to target unsuspecting users. Facebook also notified individuals who had contact with the suspect accounts. In a statement, the company said:
Facebook has a long-standing commitment to security, and we continue to invest in efforts to protect people from cyber threats and keep our platform safe. We will continue to work closely with companies to investigate and counteract these types of threats to our collective security.
Microsoft president and chief legal officer Brad Smith issued a blog post saying that the company "among other steps, last week helped disrupt the malware this group relies on, cleaned customers' infected computers, disabled accounts being used to pursue cyberattacks and strengthened Windows defenses to prevent reinfection."
Smith also said that the company "welcomed the opportunity" to cooperate with Facebook and others on the threat.
The ongoing threat
The risk from cybercrime has risen to the level of a worldwide epidemic in recent years, with some saying that it represents the greatest single threat to every company worldwide. The cost of cyberattacks could rise to $6 trillion annually by 2021, according to the Official 2017 Annual Cybercrime Report by Cybersecurity Ventures.
Threats of this type could have a material impact on these companies. In its third-quarter 2017 financial release, Facebook CEO Mark Zuckerberg was referring specifically to Russian-bought political ads, but this could just as easily apply to cyberattacks by North Korea:
I'm dead serious about this, and the reason I'm talking about this on our earnings call is that I've directed our teams to invest so much in security -- on top of the other investments we're making -- that it will significantly impact our profitability going forward, and I wanted our investors to hear that directly from me. ... But I want to be clear about what our priority is: Protecting our community is more important than maximizing our profits (emphasis by author).
While the collaboration between Microsoft and Facebook was successful at disabling a number of recent security threats, investors should be aware that this will be an ongoing battle and one that will likely cut into future profitability for the tech giants.