{"id":307902,"date":"2017-05-13T00:33:36","date_gmt":"2017-05-12T23:33:36","guid":{"rendered":"http:\/\/rinf.com\/alt-news\/newswire\/leaked-nsa-exploit-blamed-for-global-ransomware-cyberattack\/"},"modified":"2017-05-13T00:33:36","modified_gmt":"2017-05-12T23:33:36","slug":"leaked-nsa-exploit-blamed-for-global-ransomware-cyberattack","status":"publish","type":"post","link":"http:\/\/rinf.com\/alt-news\/newswire\/leaked-nsa-exploit-blamed-for-global-ransomware-cyberattack\/","title":{"rendered":"Leaked NSA exploit blamed for global ransomware cyberattack"},"content":{"rendered":"

<\/p>\n

A zero-day vulnerability tool, covertly exploited by US intelligence agencies and exposed by the Shadow Brokers hacking group has been blamed for the massive spread of malware that infected tens of thousands of computer systems globally.<\/p>\n

\n

LIVE UPDATES: Mass cyberattack strikes computer systems worldwide<\/a><\/strong><\/p>\n

The ransomware virus which extorts Windows users by blocking their personal files and demanding payment to restore access, allegedly exploits a vulnerability that was discovered and concealed for future use by the National Security Agency (NSA), according to a range of security experts.<\/a><\/p>\n

\u201cOur analysis indicates the attack, dubbed \u201cWannaCry\u201d, is initiated through an SMBv2 remote code execution in Microsoft Windows. This exploit (codenamed \u201cEternalBlue\u201d) has been made available on the internet through the Shadowbrokers dump on April 14th, 2017,\u201d<\/em> Russian cybersecurity firm, Kaspersky Lab, wrote<\/a> in a blog post about the attack.<\/p>\n

Although Microsoft had already patched the backdoor roughly a month before it became public, many users who did not install the latest security updates seem to have become the primary victims of the attack.<\/p>\n

Meanwhile, NSA whistleblower Edward Snowden has led the discussion on NSA\u2019s role and responsibility in Friday\u2019s extensive cyberattacks, noting that if the NSA had \u201cprivately disclosed the flaw used to attack hospitals when they found it, not when they lost it, this may not have happened.\u201d<\/em><\/p>\n

<\/p>\n
\n

If NSA builds a weapon to attack Windows XP\u2014which Microsoft refuses to patches\u2014and it falls into enemy hands, should NSA write a patch? https:\/\/t.co\/TUTtmc2aU9<\/a><\/p>\n

\u2014 Edward Snowden (@Snowden) May 12, 2017<\/a><\/p><\/blockquote>\n

<\/center><\/div>\n

<\/p>\n
\n

This is true. Patching lags releases because IT needs to be conservative and slow. This is the danger of leaving 0-days in the wild. https:\/\/t.co\/TaEz1fxuTJ<\/a><\/p>\n

\u2014 David Auerbach (@AuerbachKeller) May 12, 2017<\/a><\/p><\/blockquote>\n

<\/center><\/div>\n

<\/p>\n
\n

Lots to digest on latest hack, but 1 critical point for encryption debate: The “we can keep centralized secrets safe” arg has taken a hit.<\/p>\n

\u2014 Alex Abdo (@AlexanderAbdo) May 12, 2017<\/a><\/p><\/blockquote>\n

<\/center><\/div>\n

<\/p>\n
\n

Curious… does it matter that this was NSA malware? Or is the bigger issue the missing patches, open ports, and legacy systems?<\/p>\n

\u2014 Steve Ragan (@SteveD3) May 12, 2017<\/a><\/p><\/blockquote>\n

<\/center><\/div>\n

Snowden noted that the NSA developed these \u201cdangerous attack tools that could target Western software\u201d<\/em> despite warnings, and that it\u2019s now up to congress to question the agency on its knowledge of any other software vulnerabilities.<\/p>\n

Wikileaks also referred to its dealings with the whistleblower behind its Vault 7 CIA releases who warned of the extreme proliferation risk in the creation of cyber weapons.<\/p>\n

The impact the cyberattack has had on hospitals has raised the greatest concerns. Some 39 hospital trusts as well as GP practices and dental services in the NHS system were targeted across England and Scotland.<\/p>\n

<\/p>\n
\n

British journalists should be asking if GCHQ knew of the vulnerability being used to attack NHS but kept it secret so they could use it.<\/p>\n

\u2014 WikiLeaks (@wikileaks) May 12, 2017<\/a><\/p><\/blockquote>\n

<\/center><\/div>\n

READ MORE: Hospital computers across Britain shut down by cyberattack, hackers demanding ransom<\/a><\/strong><\/p>\n

The worm has also reportedly hit universities, a major Spanish telecom, FedEx, and the Russian Interior Ministry.<\/p>\n

Bruno Kramm, the chairman of the Berlin branch of the Pirate Party told RT that a lot of vulnerabilities lie in the backdoors built into operating systems.<\/p>\n

\u201cBut the sad thing is the more we find out [about] the NSA having this software, the more we also know that this software is also of course traded. There is no software which you can keep inside of the system.<\/em><\/p>\n

From the moment the NSA works with the software, you can also get the software, and once you get the software you can use it in your own way. So basically, it\u2019s really a problem they have started.\u201d<\/em><\/p>\n

The American Civil Liberties Union reiterated Snowden\u2019s calls for congress to intervene. It also expressed concerns that the NSA could have been aware that Microsoft was vulnerable but failed to disclose this until after the tools were stolen.<\/p>\n

<\/p>\n
\n

It would be deeply troubling if the NSA knew Microsoft was vulnerable in this way but waited to disclose. Congress can and should fix this. https:\/\/t.co\/jdAr6kkB6N<\/a><\/p>\n

\u2014 ACLU National (@ACLU) May 12, 2017<\/a><\/p><\/blockquote>\n

<\/center><\/div>\n

\u201cIt is past time for Congress to enhance cybersecurity by passing a law that requires the government to disclose vulnerabilities to companies in a timely manner.<\/em><\/p>\n

Patching security holes immediately, not stockpiling them, is the best way to make everyone\u2019s digital life safer,\u201d<\/em> Patrick Toomey, a staff attorney with the American Civil Liberties Union\u2019s National Security Project.<\/p>\n<\/div>\n

Via RT<\/a>. This piece was reprinted by RINF Alternative News<\/a> with permission or license.<\/p>\n","protected":false},"excerpt":{"rendered":"

A zero-day vulnerability tool, covertly exploited by US intelligence agencies and exposed by the Shadow Brokers hacking group has been blamed for the massive spread of malware that infected tens of thousands of computer systems globally. LIVE UPDATES: Mass cyberattack strikes computer systems worldwide The ransomware virus which extorts Windows users by blocking their personal […]<\/p>\n","protected":false},"author":1,"featured_media":307903,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[519],"tags":[],"class_list":{"0":"post-307902","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-newswire"},"_links":{"self":[{"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/posts\/307902","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/comments?post=307902"}],"version-history":[{"count":0,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/posts\/307902\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/media\/307903"}],"wp:attachment":[{"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/media?parent=307902"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/categories?post=307902"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/tags?post=307902"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}