- #1
- 5,220
- 2,264
Are any of you familiar with Asimov's short story "A Perfect Fit"? I was thinking that if they catch the perpetrators of the WannaCry ransomware attack, Asimov already saw this coming and has their punishment all ready.
jedishrfu said:My guess is that eventually we will have a total lockdown on computer updates unless AI technology can somehow identify malware and eliminate it from being downloaded and installed.
Agreed. When you consider a zero-day exploit as a weapon, it's no wonder why countries invest heavily to stockpile them, though unlike conventional weapons, zero-days are only effective until exposed and patched.jedishrfu said:The exploitation of zero days is the outcome of countries jockeying for position in the world causing one country to not trust any other. Many countries have cyber war operations and all are seeking the best exploits.
It's so sad that we are balkanizing the openness of the internet in so many ways for so many reasons.
stoomart said:Agreed. When you consider a zero-day exploit as a weapon, it's no wonder why countries invest heavily to stockpile them, though unlike conventional weapons, zero-days are only effective until exposed and patched.
I was right there with you and then you completely lost me haha. Why not just mandate rolling updates for any computer connected to the internet and make it illegal for government institutions to sit on zero-day exploits?jedishrfu said:The exploitation of zero days is the outcome of countries jockeying for position in the world causing one country to not trust any other. Many countries have cyber war operations and all are seeking the best exploits.
It's so sad that we are balkanizing the openness of the internet in so many ways for so many reasons.
My guess is that eventually we will have a total lockdown on computer updates unless AI technology can somehow identify malware and eliminate it from being downloaded and installed.
I would love to go further and say make it illegal for anyone to sit on zero days.Jamison Lahman said:make it illegal for government institutions to sit on zero-day exploits?
Interesting. I had never thought of that. It is certainly a possibility if you consider them a weapon of sorts. However, I think people should be allowed to sit on zero days for two reasons: one, the more rights the better imo and 2, programmers would no longer have an incentive to find exploits. Some people make a living finding security flaws in codes and they should be able to haggle with the companies to reach an appropriate price so they can patch the exploit.Routaran said:I would love to go further and say make it illegal for anyone to sit on zero days.
WHAT!? And get jailed as an "accessory" for selling to the wrong bidder?jedishrfu said:Perhaps an open auction for exploits would work where anyone could bid for them.
The WannaCry cyberattack was carried out by a group of hackers known as the Lazarus Group, believed to have ties to North Korea.
The motive behind the WannaCry attack was financial gain. The hackers demanded ransom payments in bitcoin in exchange for unlocking the encrypted files on the infected computers.
The WannaCry attack spread through a vulnerability in Microsoft Windows operating systems that had not been patched. The hackers used a tool developed by the National Security Agency to exploit this vulnerability and spread the malware.
The WannaCry culprits were not caught, but researchers were able to trace the bitcoin payments made to the hackers, revealing their identities and potential ties to the Lazarus Group and North Korea.
To prevent similar cyberattacks in the future, it is important for individuals and organizations to regularly update their operating systems and software, use strong and unique passwords, and backup important data. Governments and tech companies also need to work together to improve cybersecurity measures and address vulnerabilities.