Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

The World's Biggest Hacking Powers Are Sitting Out Attempts To Bring An End To Hacking

From: InfoSec News <alerts () infosecnews org>
Date: Mon, 26 Nov 2018 07:44:09 +0000 (UTC)
https://www.buzzfeednews.com/article/kevincollier/hacking-geneva-convention-us-opposition-russia

By Kevin Collier
BuzzFeed News Reporter
BuzzFeed.com
November 19, 2018
A year and a half after North Korea and Russia each tinkered with a stolen US hacker tool and wreaked global havoc, the world's governments are at an impasse about how to stop it from happening again.
Fifty-one of the world’s governments -- including the United Kingdom, the US's top ally in cyberspace -- signed an agreement last week to work together to "prevent the proliferation of malicious online programmes and techniques," among other means of promising to try to help secure the internet. But some of the top-tier cyberpowers in the world -- the US, Australia, and Israel -- declined to go along, as did the US's top cyber adversaries -- China, Iran, North Korea, and Russia.
It wasn't mentioned in any of the official languages of the agreement, but looming large behind it is the creation and abuse of an elite hacker tool called EternalBlue. Designed by the US National Security Agency, it's extraordinarily effective at breaking into older, unpatched versions of Windows. In 2016, a mysterious entity calling itself "the Shadow Brokers," whose real identity is conspicuously still unknown, obtained and released EternalBlue to anyone who cared to visit its blog.
The NSA told Microsoft about the tool soon after it leaked, but plenty of people around the world either don’t update their computers or used older, pirated versions of Windows. The next year, both Russia and North Korea used EternalBlue to create the two most destructive cyberattacks to date. Both were versions of a ransomware worm -- a piece of malicious software that both holds a computer hostage and spreads to others. North Korea's, known as WannaCry, crippled the UK’s National Health Service. Russia's, NotPetya, was aimed at Ukraine but resulted in international shipping company Maersk and pharmaceutical giant Merck being completely hobbled for days. There were countless other victims. 

[...]


--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: