Slashdot Mirror


Chinese State Media Says US Should Take Some Blame For Cyberattack (cnbc.com)

An anonymous reader shares a CNBC report: Chinese state media on Wednesday criticized the United States for hindering efforts to stop global cyber threats in the wake of the WannaCry ransomware attack that has infected more than 300,000 computers worldwide in recent days. The U.S. National Security Agency (NSA) should shoulder some blame for the attack, which targets vulnerabilities in Microsoft systems and has infected some 30,000 Chinese organisations as of Saturday, the China Daily said. "Concerted efforts to tackle cyber crimes have been hindered by the actions of the United States," it said, adding that Washington had "no credible evidence" to support bans on Chinese tech firms in the United States following the attack. The malware attack, which began on Friday and has been linked by some researchers to previous hits by a North Korean-run hacking operation, leveraged a tool built by the NSA that leaked online in April, Microsoft says.

13 of 82 comments

  1. Don't blame the U.S.A. by Anonymous Coward · · Score: 2, Insightful

    Blame Microsoft.

    1. Re:Don't blame the U.S.A. by Pieroxy · · Score: 3, Informative

      They did this weekend. https://www.microsoft.com/fr-F...

    2. Re:Don't blame the U.S.A. by ganjadude · · Score: 2

      No, this is on the government. I have no problem with the government having tools; however, they should still inform Microsoft so they can make a patch that can be sent out ASAP if one of those tools gets loose.

      --
      have you seen my sig? there are many others like it but none that are the same
    3. Re:Don't blame the U.S.A. by Dutch+Gun · · Score: 2, Interesting

      Agreed, blame the US TLAs for this. It falls *directly* on them in this particular case. Microsoft made a mistake, but they made a good-faith effort to fix said mistake. And if you're going to castigate organizations for making security mistakes, there are no widely used OSes that haven't had their share of doozies in the last few years alone.

      That being said, the last country I want to hear casting blame regarding cyberattacks is China.

      --
      Irony: Agile development has too much inertia to be abandoned now.
    4. Re:Don't blame the U.S.A. by gnick · · Score: 2

      ...they should still inform Microsoft so they can make a patch that can be sent out ASAP if one of those tools gets loose

      Are you suggesting that they inform Microsoft as soon as they find a vulnerability and have them sit on a patch until the exploit "gets loose"? What would be the difference between that and just requesting that Microsoft include a back door that could be modified once it's discovered by someone else?

      --
      He's getting rather old, but he's a good mouse.
  2. Not just the Chinese saying this by XXongo · · Score: 3, Informative
  3. they have a point. by Anonymous Coward · · Score: 2, Insightful

    If the National Security agency had actually given a shit about security, it would help companies fix these problems before they are exploited in the wild, rather than hoard and weaponize them. They made a conscious decision to attack security rather than enhance it. As a result, critical infrastructure such as hospitals have suffered, and we haven't seen the end of it yet.

    It is a rogue agency, and needs to be brought to heel. When parts of the government start treating its own people as enemies, it's time for a clean slate. You need intelligence agencies. They provide an important service to the nation. You do not need intelligence agencies that violate the Constitution and cause cyber-security issues all around the world. It has gone beyond anything acceptable, and must be dismantled and a new one created under the careful oversight of civilians who have an allegiance to civil rights.

    1. Re:they have a point. by UnknowingFool · · Score: 2

      You are aware that the vulnerability was patched in the March Cumulative update for Windows, right? Now MS didn't release patches for out-of-support versions of Windows (XP, Vista, etc.) until recently, but it had been patched already.

      --
      Well, there's spam egg sausage and spam, that's not got much spam in it.
  4. 70% of software in China is "unregistered" by spoot · · Score: 3, Informative

    According to Engadget and other sources. So yeah, the US is to blame for all the pirated un-patched installs of XP in China. Russia has purportedly 64 percent. Isn't it strange that the NSA would code such an exploit? Live by the sword, die by the sword.

    1. Re:70% of software in China is "unregistered" by quantic_oscillation7 · · Score: 2

      Hmmm... let's see what Mr. Gates himself said...

      "Although about 3 million computers get sold every year in China, people don't pay for the software. Someday they will, though," Gates told an audience at the University of Washington. "And as long as they're going to steal it, we want them to steal ours. They'll get sort of addicted, and then we'll somehow figure out how to collect sometime in the next decade."
      http://articles.latimes.com/20...

  5. The larger problems by UnknowingFool · · Score: 3, Insightful

    While it might have been the NSA that created the basis of the ransomware, there are really larger problems. Any hacker could have discovered the vulnerability and launched the same attack.

    The first problem is that the malware affected Russia and China in greater numbers for the simple reason that many Windows installations there are pirated so they are not likely to receive patches. MS for their part did patch the vulnerability in the March cumulative update if I remember correctly.

    The second problem is that MS didn't patch unsupported, older versions of Windows until WannaCry became widespread (Windows XP, Vista, etc). So there are still many older versions of Windows out there being used. This second problem does affect companies and machines that have stayed on older Windows for a number of reasons (hospitals, factories, etc.)

    The third problem is that trust in MS has slowly been eroded over the years with their behavior:

    • Auto-updating their users without permission
    • Rebooting machines without warning
    • Sneaking in non-critical features (like telemetry) as critical updates
    • Rolling up patches so that customers cannot refuse certain patches for practical reasons
    • Patch quality dropping with a few of them making machines unusable

    For many, they simply don't trust MS anymore. In years past, a bad patch every now and then could be forgiven. With no trust in MS, consumers are simply taking their chances.

    --
    Well, there's spam egg sausage and spam, that's not got much spam in it.
  6. The U.S. should take a little blame... by wisebabo · · Score: 2

    ... when the Chinese take a LOT of blame (all the blame?) for North Korea.

    For over 50 YEARS, CHINA has been basically the SOLE supporter of a despotic regime that, in addition to crimes and atrocities only exceeded by the Holocaust, Stalin or "The Great Leap Forward", through forced labor, prison camps and also responsible for the DEATHS of MILLIONS of its citizens (primarily through starvation), is now threatening the security of much of the world (even Putin made some nervous remarks). That the North Koreans don't give a flying F*** about convention or Geneva protocols or whatever is obvious from their past terrorist attacks (bombing of an airliner) to using the (most) deadly chemical weapon known to man (basically all other nations have destroyed their stocks) in a densely populated city in an uninvolved country just to kill one possible dissident (and they probably smuggled it in via diplomatic pouch, hence the police apprehending N. Korean embassy workers).

    That the Chinese were willing to put an entire nation of people IN HELL for five decades just so that they could possibly keep the Americans from being on their doorstep shows how little regard they have for HUMAN RIGHTS or even LIFE. (They probably could've gotten the Americans to have agreed to leave S. Korea if N. Korea was unified. From what I can tell, they never tried). But even if you were ignorant of the North Korean situation, you could probably have guessed their (lack of) morals from the way they treated Tibet and their own ethnic minorities.

    That is why I have so little regard for the Chinese (government) and long ago stopped making direct investments in China. As for their citizens, I'd like to believe that they are the classic example of why a people blindfolded by censorship can be led to do the worst imaginable things. A person can easily be convinced to murder (and a country to genocide) if he is lied to.

  7. Re:Blame the NSA, not the U.S.A. by BlueStrat · · Score: 2

    It is not the NSA's responsibility to make sure software is secure.

    Sorry, but you're wrong. The National Security Agency has multiple tasks. Among them and besides the signals-intelligence role, they are also tasked with securing the US' data networks as part of essential infrastructure vital to national security.

    They sacrificed national security for signals-intelligence capability, mostly motivated by domestic politics and the desire to use the NSA domestically to suppress dissent and political opposition. I blame this change in the NSA on the political appointees that have been replacing the 'old guard' within the agency over the last few administrations, both (R) and (D). Patriotism and idealism among the leadership have been mostly supplanted by cynicism, fanaticism, political ambition, and a nearly sociopathic attitude towards society and the people, almost a God-complex in some cases.

    It would not surprise me that the shadow brokers are talented geeks that were approached by the NSA but refused to go to work for them, and/or ones who quit the agency in disgust and despair.

    Who the SB are and what they want is really not important here, however. It is the fact that a US Agency that is, at the very least, obligated to take steps to alert the necessary parties when they discover a major vulnerability in vital national infrastructure did in fact do the opposite in hopes of using it as a weapon at some point while vital national infrastructure, including financial and healthcare networks were at risk, is massively irresponsible, self-centered, stupid, criminal, and itself a threat to national security.

    Heck, I'd expect the Dept. of Interior to report vulnerabilities they discover in vital national infrastructure, never mind the National Security Agency, FFS! What are we paying these power-tripping fools for, anyway? This fiasco sure ain't in their charter!

    The NSA needs to be gutted, audited, and totally re-invented with sufficient limits on its powers and authorities and enough oversight and enforcement in place to make certain laws and rules are followed and Constitutional protections respected. Same with much of the US Government's litany of agencies and departments.

    Strat

    --
    Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.