‘Militarization of cyberspace going out of control’: IT experts talk WannaCry ransomware hackstorm
The latest hack-storm is a direct consequence of world governments, most notably the US, stockpiling entire arsenals of cyber weapons they cannot keep under control, says Pierluigi Paganini, the head of cybersecurity at Grant Thornton Consultants.
“One of the most interesting things about these attacks is we are facing the side effect of what I call the militarization of cyberspace. Governments around the world are using hacking tools. The problem is sometimes these codes can go out-of-control, and that is exactly what is happening in this case,” Paganini told RT.
“A group of hackers leaked the tools used by the NSA, and someone has included these tools inside the ransomware code, giving it specific features that is allowing it to spread rapidly and hacking computers worldwide,” he added.
Vince Steckler, CEO of Avast Software confirmed in an interview with RT that “folks in their virus research team” share the general consensus that the NSA exploit was a key feature of the latest malware.
Meanwhile, the author of Inside Cyber Warfare, Jeffrey Carr, explained that the ransomware was apparently a variant of malware that was developed earlier and benefitted a lot from that backdoor.
“The [ransomware] variant leverages a flaw in Microsoft server that the NSA discovered. So it does leverage NSA discovered vulnerability on Windows server. And it takes advantage of that. That is the reason why, most likely it was so successful,” Carr stressed.
Arjen Kamphuis, lead information security advisor at Brunel NV, even suggested that Microsoft could have left the vulnerability open on purpose at the request of the US intelligence agencies.
“It could be that this particular tool for that type of crime is just slightly more effective than many of the other ones... It is using some of the vulnerabilities that were purposely built into Windows systems at the instructions of the NSA,” Kamphuis told RT.
Former hacker John Safa noted that the expertise and tools of the NSA and other intelligence agencies that leak to the outside world are inevitably “educating” a generation of more potent hackers.
“The information that is leaking from the NSA and the WikiLeaks information actually educates a lot of hackers into quite sophisticated hack techniques,” Safa told RT. “They are educating hackers that technically would not have savvy abilities to be able to break into these things. They accelerate their knowledge and also exploit the vulnerabilities that leaked documents provide.”
Bruno Kramm, the chairman of the Berlin chapter of the Pirate Party, noted that a lot of vulnerabilities lie in the backdoors built into many, especially outdated, operating systems, and that we must rethink our approach to cybersecurity.
“Why is it so easy? Because there’s so many backdoors in all the operating systems. It is a problem of OS monoculture,” Kramm told RT. “We should much more work with open-source software, with Linux systems which are open-source, and we have to use encryption, and we have to take more security measures for the more dangerous infrastructure, for example hospitals.”
Kramm also agreed with the notion that the leaked NSA tools helped facilitate the attack, “The tools of the NSA are like the tools of all the bad guys in this internet as it is today.”
“But the sad thing is the more we find out [about] the NSA having this software, the more we also know that this software is also of course traded. There is no software which you can keep inside of the system. From the moment the NSA works with the software, you can also get the software, and once you get the software you can use it in your own way. So basically it’s really a problem they have started.”
Loz Kaye, co-founder of the Open Technology think tank, described the NSA's handling of its hacking tools as ”irresponsible,” claiming that organizations and individuals are now paying for the intelligence agencies' mistakes.
"What we certainly know is that security agencies like the NSA, and certainly the GCHQ here in the UK were using what they called 'equipment interference' (hacking). They say these are legitimate tools," Kaye told RT.
"What is massively concerning also to those of us who have been saying all along is that these leave crucial infrastructure vulnerable. And that is what we are seeing."
The statements, views and opinions expressed in this column are solely those of the author and do not necessarily represent those of RT.