Skip to main content

Hold North Korea Accountable for WannaCry—And the NSA, Too

posted onDecember 20, 2017
by l33tdawg

Seven months after the WannaCry ransomware ripped across the internet in one of the most damaging hacking operations of all time, the US government has pinned that digital epidemic on North Korea. And while cybersecurity researchers have suspected North Korea's involvement from the start, the Trump administration intends the official charges to carry new diplomatic weight, showing the world that no one can launch reckless cyberattacks with impunity. "Pyongyang will be held accountable," White House cybersecurity chief Tom Bossert wrote in an opinion piece for the Wall Street Journal.

But for some in the cybersecurity community who watched WannaCry's catastrophe unfold, North Korea isn't the only party that requires accountability. They argue that if guilty parties are going to be named—and lessons are to be learned from naming them—those names should include the US government itself. At least some of the focus, they say, belongs on the National Security Agency, which built and then lost control of the code that was integrated into WannaCry, and without which its infections wouldn't have been nearly as devastating.

"As we talk about to whom to attribute the WannaCry attack, it’s also important to remember to whom to attribute the source of the tools used in the attack: the NSA," says Kevin Bankston, the director of the New America Foundation's Open Technology Institute. "By stockpiling the vulnerability information and exploit components that made WannaCry possible, and then failing to adequately shield that information from theft, the intelligence community made America and the world’s information systems more vulnerable."

Source

Tags

Industry News

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th