When should spies tell companies that their systems can be hacked?

170414164006-nsa-hackers-shadow-brokers-780x439May 14: A massive ransomware attack was carried out Friday, hitting hospitals, companies and government offices in nearly 100 countries.

It spread through a vulnerability leaked last month in a trove of hacking tools believed to belong to the NSA. The ransomware outbreak has reignited the debate about when spy agencies should disclose these vulnerabilities — especially when people’s lives are at stake.

The NSA and other spy agencies look for software vulnerabilities and then build tools to target and exploit them. Under current laws, they don’t have to report the flaws to the company at risk. Instead, they can use them for intelligence gathering or law enforcement.

The leaked hacking tools publicized a Windows vulnerability. Even though Microsoft released a patch in March, computers and networks that hadn’t updated their systems were still at risk. The ransomware, called WannaCry, locked down all the files on an infected computer and asked the computer’s administrator to pay in order to regain control of them.money.cnn.com

Related News

Leave a Reply

टाइप गरेर स्पेस थिच्नुहोस् र नेपाली युनिकोडमा पाउनुहोस। (Press Ctrl+g to toggle between English and Nepali OR just Click on the letter). अंग्रेजीमा टाइप गर्न "अ" मा थिच्नुहोस्।

*
Advertise Section 7

TOP NEWSview all

Even though it’s late, victims will get something from the commission: Subedi

Cecil and Harambe; a lesson for Himalayan Republic

Trip Down under

We want real conversion of our students beyond religion: Fr. Boniface Tigga, Regional Superior of Nepal Jesuit Society

I am inspired by the kindness, decency and warmth of the people of Nepal: DeLisi