WannaCry, North Korea and the DHS SAFETY Act

In the wake of the revelation that North Korea was behind the latest WannaCry ransomware attack, it has become apparent that companies of any size or industry can become targets (or merely unwitting victims) for acts of cyber warfare launched between governments.

It is equally clear, with the “success” of the attack counted in dollars collected, victims impacted, and outages sustained, that we will see an increase in number of terrorist, extremist, and other hate actors using cyberattacks as the mechanism to enact social unrest and/or financial panic. Now the question remains – how does the average company protect themselves against what seems to be a potentially existential threat?


Thankfully, the U.S. Government, through the Department of Homeland Security (DHS), identified this type of destructive threat and took action to to prepare our Government, our businesses, and our people through the Support Anti-terrorism by Fostering Effective Technologies (SAFETY) Act of 2002 which was enacted to promote the development of technologies created by cyber threat hunters and responders.

After rigorous testing by DHS, products like BluVector can be awarded a SAFETY Act Designation, which allows the capability to be considered as a Qualified Anti-Terrorism Technology (QATT). In addition to the prestige such an accolade imbues, there are important real-world benefits to users of the technology, all of which become even more pertinent in our current climate where victims do not only have to address the immediate financial, reputational, and operational impacts – but are forced to spend time addressing lawsuits

By utilizing a QATT Technology, should a cyberattack occur that the Secretary of DHS determines to be an Act of Terrorism, you, the consumer, can rest a little easier, as DHS has mandated that consumers of the technology shall have no liability. Any claim that is filed must be directed at the seller of the technology (that’s us). This protection not only applies to you as a direct purchaser of QATT technology, but also to you as a reseller, partner, end user, or even sub-end user. So, with Safety Act designated technologies like BluVector, not only are you armed with the tools to identify, predict, and contain threats, but you have an added layer of protection after an event, for greater piece of mind.

So, ask yourself, after suffering an attack that can interrupt your operations, leak data, and cause huge financial setbacks, do you really want to spend time addressing lawsuits and other claims? Investing in technologies like BluVector may offer the best and easiest “insurance” against this risk.

Team member
Kris Lovejoy

All Threat Reports