Ransomware And The NSA

Should the government still be stockpiling software flaws?

The effects of this month’s global ransomware attack seem to be fading, fortunately. But a crucial question the incident raised is only getting more urgent. When it comes to online security, the U.S. government’s priorities — preventing terrorism and protecting cyberspace — are in permanent tension. Is there a way to resolve it?

The National Security Agency routinely seeks out flaws in common software and builds tools, known as exploits, to take advantage of them. Doing so is an essential part of the agency’s mission of spying on terrorists and foreign adversaries, yet it comes with grave risks.

The latest attack — still evolving — is an example. Researchers say it takes advantage of a stolen NSA tool to exploit a flaw in some versions of Windows. Microsoft Corp. has suggested that the NSA knew of the flaw for some time, yet didn’t disclose it until the theft.

…continue reading

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: