Comment on Security experts predicted WannaCry attack; why did so few listen?

Working in shifts for 36 hours straight, dozens of Alert Logic engineers in Houston, Belfast in Northern Ireland and Cardiff in Britain devoted their attention to analyzing the leaked computer code. What they found could undermine the privacy of the crucial corporate files they protect for 4,000 media companies, retailers and app makers. Several security firms around the world echoed that sentiment, blasting alerts in mid-April instructing systems administrators to tighten defenses because the NSA leak was sure to lead to a cyberweapon, and signs of a brewing attack had emerged. The WannaCry ransomware offensive seized an estimated 300,000 computers within the last week, with repairs and other associated costs possibly running into the billions of dollars globally. WannaCry illustrates the challenge faced by cybersecurity companies as data breaches, credit card theft and phishing become more common. The answer, he says, could be governments holding companies accountable for failing to take proper precautions, especially in the face of warnings. “It’s highly likely what we saw were precursors to WannaCry,” said Govshteyn, Alert Logic’s co-founder and senior vice president of products. Alert Logic quickly informed clients, including about two dozen customers whose security practices left open dangerous holes. Other information security companies shared news of thousands of infected computers. The early detection should have led people to update their systems with a patch from Microsoft and adjust firewall settings, said Vladimir Vlaski, founder of Milwaukee firm BelowØDay. British computer security researcher Kevin Beaumont said people mocked his prediction that the NSA intrusion tactic would be used to set off a worm — malware that automatically crawls from computer to computer across networks. The chatter about the need to intensify security because of the NSA leak may have been drowned out by the news cycle surrounding President Trump in recent weeks, security consultants suspect. [...] he described the closest thing as the Internet Storm Center — a global threat-sharing group sponsored by a for-profit technology training institute in Maryland.