WannaCry

Latest in WannaCry

Cyber Command

Separating NSA and CYBERCOM? Be Careful When Reading the GAO Report

Robert Chesney Mon, Aug 7, 2017, 1:01 PM

The Government Accountability Office last week published a report that, among other things, weighs in on the pros and cons of the NSA/CYBERCOM “dual-hat” system (pursuant to which the director of the NSA/CSS and commander of CYBERCOM are the same person). The report deserves attention but also some criticism and context. Here’s a bit of all three.

1. What is the “dual-hat” issue?

Read more about Separating NSA and CYBERCOM? Be Careful When Reading the GAO Report

Cybersecurity

No, the U.S. Government Should Not Disclose All Vulnerabilities in Its Possession

Rick Ledgett Mon, Aug 7, 2017, 8:30 AM

Newly revived calls for the U.S. government to release all the vulnerabilities it holds are understandable but misguided.

Read more about No, the U.S. Government Should Not Disclose All Vulnerabilities in Its Possession

Cybersecurity

Rediscovering Vulnerabilities

Trey Herr, Bruce Schneier Fri, Jul 21, 2017, 11:30 AM

Software and computer systems are a standard target of intelligence collection in an age where everything from your phone to your sneakers has been turned into a connected computing device. A modern government intelligence organization must maintain access to some software vulnerabilities into order to target these devices. However, the WannaCry ransomware and NotPetya attacks have called attention to the perennial flipside of this issue—the same vulnerabilities that the U.S. government uses to conduct this targeting can also be exploited by malicious actors if they go unpatched.

Read more about Rediscovering Vulnerabilities

Cyber & Technology

Ransomware Remixed: The Song Remains the Same

Trey Herr Wed, Jun 28, 2017, 10:11 AM

How to understand the latest ransomware epidemic.

Read more about Ransomware Remixed: The Song Remains the Same

Cybersecurity and Deterrence

How Trump’s Executive Order Could Have Stopped the WannaCry Attack

Steven Weber, Chuck Kapelke Tue, Jun 13, 2017, 1:08 PM

Last month, a ransomware attack—one of the most far-reaching cyberattacks in history—affected thousands of hospitals, corporations, and other institutions in more than 150 countries. At least some solutions can be found in the executive order signed by President Trump the day before the attack began.

Read more about How Trump’s Executive Order Could Have Stopped the WannaCry Attack

Cybersecurity

The Shadow Brokers' "Dump of the Month" Club

Nicholas Weaver Tue, May 16, 2017, 1:41 PM

I thought the Windows tools were the most damaging the Shadow Brokers have to offer. Today, with the announcement of the Shadow Broker’s Data Dump of the Month club, I may need to eat some crow.