The ‘WannaCry’ Cyber Warning — Another harbinger of the world’s exposure to hackers and digital terrorists

The NSA followed protocol but it still wasn’t enough.

Image may contain: screen

The Wall Street Journal
Commentary
May 15, 2017 7:02 p.m. ET

At least 150 countries are still working to contain a malicious computer worm that emerged on Friday. The unprecedented planet-wide attack is another harbinger of the world’s exposure to hackers and digital terrorists.

From London to Beijing to Moscow, hundreds of thousands of users were infected with a new variant of so-called ransomware, known as “WannaCry,” which encrypted their data and then solicited a blackmail payment to resume normal operations. This sophisticated, self-propagating malware was designed to spread to all other computers on the same network after infecting one machine. The culprits are unknown and could take years to track down, if ever.

WannaCry has renewed a debate about the obligations of defense departments to the private sector. The virus was developed by taking advantage of a software flaw in Microsoft ’s Windows operating system that the U.S. National Security Agency identified last August. The NSA develops libraries of such exploits, and an online group named Shadow Brokers infiltrated the database last year and published the material that led to WannaCry.

Microsoft blames the NSA for researching such hacking methods, but in this case the NSA followed the protocol known as the Vulnerabilities Equities Process that determines which flaws should be reserved for intelligence gathering and which should be disclosed to protect consumers. The NSA alerted Microsoft.

The company fixed the problem with a software patch in March, but users who failed to upgrade their OS remained vulnerable. Too many corporate and government information technology departments are behind the curve.

The episode underscores the folly of the U.S. law enforcement demand that tech companies install backdoors into their devices and services. Defrocked FBI Director James Comey ran a public pressure campaign against Apple in 2015 and 2016 when his agents couldn’t break the encryption of the iPhones of the San Bernardino killers, and asked Congress to mandate dedicated built-in decryption keys. WannaCry takes advantage of a coding error. An intentional outside entry point that leaked or fell into the wrong hands could lead to even larger havoc.

Witness the WannaCry meltdown at Britain’s National Health Service, where 45% of hospitals, doctors offices and ambulances were crippled. Even emergency room services had to be curtailed. The Russian Interior Ministry was also compromised. A successful cyber-attack on the banking system, the electric grid, traffic lights or electronic medical records could do far more economic and security damage.

Read the rest:

https://www.wsj.com/articles/the-wannacry-cyber-warning-1494889358

Advertisements

Tags: , , , , , , , , , , , , , , , , ,

2 Responses to “The ‘WannaCry’ Cyber Warning — Another harbinger of the world’s exposure to hackers and digital terrorists”

  1. daveyone1 Says:

    Reblogged this on World4Justice : NOW! Lobby Forum..

  2. Brittius Says:

    Reblogged this on Brittius.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: