Stories
Slash Boxes
Comments

SoylentNews is people

posted by on Sunday May 21 2017, @08:07PM   Printer-friendly
from the better-late-than-never dept.

After learning that one of its most prized hacking tools was stolen by a mysterious group calling itself the Shadow Brokers, National Security Agency officials warned Microsoft of the critical Windows vulnerability the tool exploited, according to a report published Tuesday by The Washington Post. The private disclosure led to a patch that was issued in March.

Those same NSA officials, according to Tuesday's report, failed to communicate the severity of the vulnerability to the outside world. A month after Microsoft released the patch, the Shadow Brokers published the attack code, code-named EternalBlue, that exploited the critical Windows vulnerability. A month after that, attackers used a modified version of EternalBlue to infect computers around the world with malware that blocked access to data. Within hours of the outbreak of the ransomware worm dubbed WCry, infected hospitals turned away patients; banks, telecommunications companies, and government agencies shut down computers.

"NSA identified a risk and communicated it to Microsoft, who put out an immediate patch," Mike McNerney, a former Pentagon cybersecurity official and a fellow at the Truman National Security Project, told The Washington Post. The problem, he said, is that no senior official took the step of shouting to the world: "This one is very serious, and we need to protect ourselves."

Source: ArsTechnica


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Interesting) by Snotnose on Monday May 22 2017, @02:14AM (2 children)

    by Snotnose (1623) on Monday May 22 2017, @02:14AM (#513268)

    Presidential Medal of Freedom sounds appropriate. These assholes (NSA et all) find vulnerabilities that make us all insecure and hoard them for their own use. Never mind the Chinese, Russians, and random hacker groups find the same vulnerabilities.

    This "leak" has made everyfuckingone of us a hell of a lot safer in the long run.

    --
    Why shouldn't we judge a book by it's cover? It's got the author, title, and a summary of what the book's about.
    Starting Score:    1  point
    Moderation   +2  
       Insightful=1, Interesting=1, Total=2
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 2, Interesting) by anubi on Monday May 22 2017, @05:59AM (1 child)

    by anubi (2828) on Monday May 22 2017, @05:59AM (#513341) Journal

    That was the first thing that came to my mind, too. You beat me to it.

    Now, I am finally beginning to understand why my cries about computer security went ridiculed when I worked in the lower levels ( engineering ) of the aerospace industry.

    I now sincerely believe that at the same time I was expressing security concerns about Microsoft and the motherboard manufacturers, at the upper levels of the Military-Industrial Complex, hands were already shaking and pens were signing, implementing the very things I was concerned about.

    Its the only plausible explanation I can think of as to why my concerns fell on such deaf ears.

    I am now concerned with how much longer we will be able to buy hardware that will run linux, or will running linux one day be illegal?

    I see the day coming where only things like Raspberry PI's may be known to be trustworthy.

    --
    "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
    • (Score: 2) by pkrasimirov on Monday May 22 2017, @04:08PM

      by pkrasimirov (3358) Subscriber Badge on Monday May 22 2017, @04:08PM (#513561)

      > Its the only plausible explanation I can think of as to why my concerns fell on such deaf ears.
      You underestimate the human laziness and corporate comfort zones.