Google
 

Aardvark Daily

New Zealand's longest-running online daily news and commentary publication, now in its 23rd year. The opinion pieces presented here are not purported to be fact but reasonable effort is made to ensure accuracy.

Content copyright © 1995 - 2017 to Bruce Simpson (aka Aardvark), the logo was kindly created for Aardvark Daily by the folks at aardvark.co.uk



Please visit the sponsor!
Please visit the sponsor!

WannaCry, who is really responsible?

15 May 2017

As we've seen over the weekend, a new piece of ransomware has struck thousands of computers around the world, some of them being used in critical applications such as the healthcare industry.

Naturally, the media are talking about the evil hackers who launched this malware on the world in scathing terms and warning everyone to patch their systems, not to open unsolicited emails and generally lift their security game.

I notice also that quite a few in the media are blaming WikiLeaks for this latest attack because it is based on vulnerabilities and exploits released by them as part of the haul of NSA spyware they received recently.

Well to be honest, although the evil sods who launched WannaCry are not to be commended in any way, I think the real blame must rest at the feet of the NSA and here's why...

The NSA were acting against the best interests of computer users around the world (including those in the USA) when they discovered the exploits on which WannaCry is based -- but did not disclose them to Microsoft so that they could be fixed.

This is kind of like a policeman seeing a loaded pistol under a hedgerow and choosing not to pick it up and hand it in.

The rationale used might appear sound to him -- perhaps something along the lines of "gosh, I might need that gun to save my life one day so I'll leave it there, just in case".

However, the reality is that if some teen-aged gang member also finds the gun and uses it to commit an armed robbery in which someone is killed -- the the cop would be hugely culpable -- morally if not legally.

And this is more or less the situation we have right now with these ransomware attacks.

The NSA opted to leave a dangerous weapon (the exploits on which their code was based) unreported and thus unpatched -- placing a huge number of systems at risk of being compromised.

And yes, I suspect that people *have* died as a result of this -- given that it impacted the UK hospital system so severely.

Perhaps it's time for the USA to "please explain" why they play so loose and free with the security and safety of the world?

Oh yes, we know that your intentions were (alleged) good and perhaps you think that you've actually saved lives by virtue of the intelligence you've gathered from those computer systems you've installed your own spyware on -- but honestly, that's no excuse.

I would call on President Trump to demand that any US government employee or contractor who discovers a software vulnerability with the potential to compromise computer systems should be required by law (under threat of imprisonment) to notify the software manufacturer of that flaw and that the software manufacturer should then be required to patch the hole within a certain amount of time.

The reality is that because so much of our technology is now reliant on software, a failure to report and fix these holes becomes an issue of life and death.

If the US government and its agencies think they are doing the right thing by simply exploiting and not reporting these vulnerabilities then they are no different to the many other despot regimes around the world who believe that *they* are doing the right thing -- despite the cost in human lives.

What do readers think?

There are many at fault for WannaCry but who is the single biggest bastard responsible for this malware?

Please visit the sponsor!
Please visit the sponsor!

Have your say in the Aardvark Forums.

PERMALINK to this column


Rank This Aardvark Page

 

Change Font

Sci-Tech headlines

 


Features:

Beware The Alternative Energy Scammers

The Great "Run Your Car On Water" Scam

 

The Missile Man The Missile Man book

Recent Columns

A trip down (very expensive) memory lane
Last night I took a couple of hours (well three hours actually) out of my normally busy evening to watch some TV...

A million eyes for China
Drones are big and in the world of drone manufacturing, China is the clear global leader...

Where is our $7K ECEV?
If you've got the money, you can pick up a pretty tidy used-car in NZ for under $10K...

Goodbye Kim
Today I am going to pick up where I left off last week, with more on the battle between the world's two most two badly coiffured leaders (or is that "covfefed"?)...

Stupidium and the big bang theory
No, I'm not talking about the TV series or the origin of the universe...

An interesting case study in "duh!"
Recently the NoPetya attack crippled computer systems around the world...

Why old-school is still important
We've got so many fantastic new technologies that have come from the advancement of electronics and computers that sometimes it's hard to imagine living without these bits of hi-techery...

SkyTV in its death throes
I've already written about the lunacy which is the management of SkyTV but today, in the wake of a recent event, I must again focus my beady eyes on the future of this broadcaster...

Four decades later...
I started playing around with computers about 40 years ago -- back in 1977...

It's happening already
There have been a number of predictions that robots will take over almost half the jobs currently performed by people within the next decade or so...

British Government wants back doors
In another move, designed to completely destroy the right to privacy, the British government has effectively said that it wants technology companies who provide end-to-end encryption services, to provide back doors...