When should spies tell companies that their systems can be hacked?

170414164006-nsa-hackers-shadow-brokers-780x439May 14: A massive ransomware attack was carried out Friday, hitting hospitals, companies and government offices in nearly 100 countries.

It spread through a vulnerability leaked last month in a trove of hacking tools believed to belong to the NSA. The ransomware outbreak has reignited the debate about when spy agencies should disclose these vulnerabilities — especially when people’s lives are at stake.

The NSA and other spy agencies look for software vulnerabilities and then build tools to target and exploit them. Under current laws, they don’t have to report the flaws to the company at risk. Instead, they can use them for intelligence gathering or law enforcement.

The leaked hacking tools publicized a Windows vulnerability. Even though Microsoft released a patch in March, computers and networks that hadn’t updated their systems were still at risk. The ransomware, called WannaCry, locked down all the files on an infected computer and asked the computer’s administrator to pay in order to regain control of them.money.cnn.com

Related News

Comments are closed

TOP NEWSview all

Teacher quits job and takes to kiwi cultivation

PM submits Security Council report to President

CIAA to ban share trading activities within Singha Durbar

Nepal: a country needing improvement

PM Oli stresses on cooperation between KU and Dhulikhel Hospital




Positive Development Media Pvt. Ltd. / Regd. No: 232 / 073-74

Newbaneshwor
Kathmandu, Nepal

4479401


Editor : Mr. Divesh J.B. Rana

Chairperson : Mr. Kishore Thapa


Counter:
Web Counter