https://www.buzzfeednews.com/article/kevincollier/hacking-geneva-convention-us-opposition-russia
By Kevin Collier
BuzzFeed News Reporter
BuzzFeed.com
November 19, 2018
A year and a half after North Korea and Russia each tinkered with a stolen
US hacker tool and wreaked global havoc, the world's governments are at an
impasse about how to stop it from happening again.
Fifty-one of the world’s governments -- including the United Kingdom, the
US's top ally in cyberspace -- signed an agreement last week to work
together to "prevent the proliferation of malicious online programmes and
techniques," among other means of promising to try to help secure the
internet. But some of the top-tier cyberpowers in the world -- the US,
Australia, and Israel -- declined to go along, as did the US's top cyber
adversaries -- China, Iran, North Korea, and Russia.
It wasn't mentioned in any of the official languages of the agreement, but
looming large behind it is the creation and abuse of an elite hacker tool
called EternalBlue. Designed by the US National Security Agency, it's
extraordinarily effective at breaking into older, unpatched versions of
Windows. In 2016, a mysterious entity calling itself "the Shadow Brokers,"
whose real identity is conspicuously still unknown, obtained and released
EternalBlue to anyone who cared to visit its blog.
The NSA told Microsoft about the tool soon after it leaked, but plenty of
people around the world either don’t update their computers or used older,
pirated versions of Windows. The next year, both Russia and North Korea
used EternalBlue to create the two most destructive cyberattacks to date.
Both were versions of a ransomware worm -- a piece of malicious software
that both holds a computer hostage and spreads to others. North Korea's,
known as WannaCry, crippled the UK’s National Health Service. Russia's,
NotPetya, was aimed at Ukraine but resulted in international shipping
company Maersk and pharmaceutical giant Merck being completely hobbled for
days. There were countless other victims.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
