Malicious Cyber Capability Is Spreading. How Do We Stop It?

Read Original Article
Photo: Wikimedia Commons
Media Outlet: Slate

Rob Morgus wrote for Slate on how to address the spread of malicious cyber capability:

A global outbreak of ransomware is rapidly infecting machines in critical and not-so-critical infrastructure across the globe, including the National Health Service in the United Kingdom, a Spanish internet service provider, the German rail system, and mall billboards in Singapore. This digital pandemic illustrates a challenge that the cybersecurity community has been wrestling with for nearly a decade: how to counter the spread of malicious cyber capability. 
To help inform this conversation, let's first step back and review what we know about WannaCry, the ransomware sprinting across the globe. As has been widely reported, the malware leverages an exploit developed by the U.S. National Security Agency. The exploit, which was called EternalBlue, "works reliably against computers running Microsoft Windows XP," as Ars Technica put it. The developers of WannaCry combined this Windows exploit with code that allowed the ransomware to spread without so much as a keystroke or click from either the operator or the victim, locking machines and demanding ransom. How, you might ask, did this exploit reach the authors of WannaCry (which several groups have suggested is in North Korea)? In simple terms: The Shadow Brokers, the group that has spent the last few months leaking NSA tools, essentially made it open-source.

Author:

Robert Morgus is a senior policy analyst with New America’s Cybersecurity Initiative and International Security program and the deputy director of the FIU-New America C2B Partnership.