Nicholas Weaver

Nicholas Weaver is a senior staff researcher focusing on computer security at the International Computer Science Institute in Berkeley, California. All opinions are his own.

@ncweaver

Subscribe to this Lawfare contributor via RSS.

On Kaspersky

Nicholas Weaver Tue, Jul 25, 2017, 2:39 PM

No government or defense contractor should use Kaspersky Lab products.

Read more about On Kaspersky

Thoughts on the NotPetya Ransomware Attack

Nicholas Weaver Wed, Jun 28, 2017, 4:16 PM

The most recent ransomware attack, which spread across Europe, the United States, and Asia yesterday, represents a chilling evolution in the worm-as-weapon.

Read more about Thoughts on the NotPetya Ransomware Attack

A Cyber-Weapon Warhead Test

Nicholas Weaver Wed, Jun 14, 2017, 11:38 AM

The CrashOverride program represents the first-in-the-wild case of a generic automated attack: one that is designed to affect all systems of a given family, not just a particular installation. If someone were to couple this warhead to a self-propagating worm for delivery, it could constitute a global threat.

Read more about A Cyber-Weapon Warhead Test

Secrecy & Leaks

Recent NSA Leak Arrest: A Few Observations and a Lesson

Nicholas Weaver Wed, Jun 7, 2017, 11:25 AM

Reality Leigh Winner, a recently separated Air Force linguist and a new hire by Pluribus International Corporation as a support contractor with a Top Secret clearance, allegedly searched for and printed out a Top Secret government report, folded it up, and dropped it in the mail to an online news outlet. Yesterday, the U.S. Attorney’s office revealed her arrest in an unsealed indictment.

Read more about Recent NSA Leak Arrest: A Few Observations and a Lesson

Cybersecurity

The Shadow Brokers' "Dump of the Month" Club

Nicholas Weaver Tue, May 16, 2017, 1:41 PM

I thought the Windows tools were the most damaging the Shadow Brokers have to offer. Today, with the announcement of the Shadow Broker’s Data Dump of the Month club, I may need to eat some crow.

Read more about The Shadow Brokers' "Dump of the Month" Club

Cybersecurity

Crying About WannaCry: Notable Features of the Newest Ransomware Attack

Nicholas Weaver Fri, May 12, 2017, 8:04 PM

There are a number of interesting technical features about the WannaCry ransomeware attack.

Read more about Crying About WannaCry: Notable Features of the Newest Ransomware Attack

Cybersecurity

Shadow Brokers Redux: Dump of NSA Tools Gets Even Worse

Nicholas Weaver Fri, Apr 14, 2017, 12:31 PM

Today, the Shadow Brokers group released what may be their most damaging dump against the NSA to date and without question the most damaging post-Snowden release.

Read more about Shadow Brokers Redux: Dump of NSA Tools Gets Even Worse