NSA should ‘shoulder some blame’ for WannaCry ransomware attack – Chinese state media

NSA should ‘shoulder some blame’ for WannaCry ransomware attack – Chinese state media
America’s National Security Agency (NSA) should accept partial blame for the WannaCry ransomware cyberattack which has infected more than 300,000 computers in 150 countries, according to Chinese state media.

A Wednesday editorial in the China Daily said that the NSA should "shoulder some of the blame, because the computer virus is based on one of the hacking tools that the agency created for its own use, which ended up in the hands of cyber criminals."

It notes the severity of the issue, stressing that even an agency "tasked with protecting citizens from cyberattacks" was left vulnerable to hackers.

The attack, which targets vulnerabilities in Microsoft Corp MSFT.O systems, did indeed use a tool built by the NSA which leaked online in April, according to Microsoft.

The editorial goes on to accuse the US of acting as a roadblock to efforts aimed at combating cybercrime.

"Concerted efforts to tackle cyber crimes have been hindered by the actions of the United States," it states.

The article stresses that cybersecurity has been "one of the major frictions" in relations between Washington and Beijing, with the US often "pointing an accusing finger" at China by claiming it is engaged in "state-sponsored cyber espionage."

It says that although the US has "no credible evidence" to support that accusation, some Chinese companies – such as Huawei Technologies Co Ltd – have still been effectively banned from the US market.

"This is hypocritical of the US, to say the least, because no other country has mounted such wide-ranging, costly and long-term surveillance operations in the history of the internet as the NSA's PRISM and other spy programs."

The author of the editorial says the attack should "instill greater urgency" for China to produce its own core technologies, noting that President Xi Jinping has urged the same thing.

The attack should also prompt the world's "two top economies" to engage in "more meaningful" cybersecurity dialogue, the article states.

The WannaCry attack has infected some 300,000 computers across the globe since Friday. Around 30,000 of those are located in China, according to the newspaper.

The editorial comes as Beijing prepares to enforce a cybersecurity law which US business groups say will threaten the operations of foreign firms in China, implementing strict local data storage laws and surveillance requirements.

China has long pushed for a more equitable balance in global cyber governance, criticizing US dominance.

The WannaCry malware works by sending users a text file with a ransom demand for some $300 worth of bitcoins. It also installs a countdown timer on the victim's wallpaper, demanding that the ransom be paid to avoid having private files deleted.

Analysts believe the source of the malware may be North Korea or those trying to frame it, pointing to code similarities between the virus and a malware attributed to alleged hackers from the country.