Source |
Errata Security |
Identifier |
460820 |
Publication date |
2018-01-29 01:25:14 (viewed: 2018-01-29 01:25:14) |
Title |
The problematic Wannacry North Korea attribution |
Text |
Last month, the US government officially "attributed" the Wannacry ransomware worm to North Korea. This attribution has three flaws, which are a good lesson for attribution in general.

It was an accident

The most important fact about Wannacry is that it was an accident. We've had 30 years of experience with Internet worms teaching us that worms are always accidents. While launching worms may be intentional, their effects cannot be predicted. While they appear to have targets, like Slammer against South Korea, or Witty against the Pentagon, further analysis shows this was just a random effect that was impossible to predict ahead of time. Only in hindsight are these effects explainable.

We should hold those causing accidents accountable, too, but it's a different accountability. The U.S. has caused more civilian deaths in its War on Terror than the terrorists caused triggering that war. But we hold these to be morally different: the terrorists targeted the innocent, whereas the U.S. takes great pains to avoid civilian casualties. Since we are talking about blaming those responsible for accidents, we also must include the NSA in that mix. The NSA created, then allowed the release of, weaponized exploits. That's like accidentally dropping a load of unexploded bombs near a village. When those bombs are then used, those having lost the weapons are held guilty along with those using them. Yes, while we should blame the hacker who added ETERNAL BLUE to their ransomware, we should also blame the NSA for losing control of ETERNAL BLUE.

A country and its assets are different

Was it North Korea, or hackers affiliated with North Korea? These aren't the same.

North Korea doesn't really have hackers of its own. It doesn't have citizens who grow up with computers to pick from. Moreover, an internal hacking corps would create tainted citizens exposed to dangerous outside ideas.

Instead, North Korea develops external hacking "assets", supporting several external hacking groups in China, Japan, and South Korea. This is similar to how intelligence agencies develop human "assets" in foreign countries. While these assets do things for their handlers, they also have normal day jobs, and do many things that are wholly independent and even sometimes against their handler's interests.

For example, this Muckrock FOIA dump shows how "CIA assets" independently worked for Castro and assassinated a Panamanian president. That they also worked for the CIA does not make the CIA responsible for the Panamanian assassination.

That CIA/intelligence assets work this way is well-known and uncontroversial. The fact that countries use hacker assets like this is the controversial part. These hackers do act independently, yet we refuse to consider this when we want to "attribute" attacks.

Attribution is political

We have far better attribution for the nPetya attacks. It was less accidental (they clearly desired to disrupt Ukraine), and the hackers were much closer to the Russian government (Russian citizens). Yet, the Trump administration isn't fighting Russia, they are fighting North Korea, so they don't officially attribute nPetya to Russia, but do attribute Wannacry to North Korea.

Trump is in conflict with North Korea. He is looking for ways to escalate the conflict. Attributing Wannacry helps achieve his political objectives.

That it was blatantly politics is demonstrated by the |
Notes |
|
Sent |
Yes |
Tags |
|
Stories |
Wannacry
|