If they catch the WannaCry culprits

  1. May 14, 2017 #1

    phyzguy

    Science Advisor

    Are any of you familiar with Asimov's short story "A Perfect Fit"? I was thinking that if they catch the perpetrators of the WannaCry ransomware attack, Asimov already saw this coming and has their punishment all ready.
     
  3. May 15, 2017 #2

    jedishrfu

    Staff: Mentor

    I'm guessing the heat is on and they will find these guys.
     
  4. May 15, 2017 #3

    anorlunda

    Science Advisor
    Gold Member

    It is also most interesting that those most affected are those who run pirated copies of Windows in China and Russia. According to the news, those who have been getting regular updates are immune. Will there be pressure now for software vendors to support pirate copies? Suppose refusing to do so causes deaths? Suppose pirated SW could accidentally launch nuke missiles in NK? It makes a real dilemma.

    Zero day exploits are not limited to Microsoft. Unix, hard drives, routers, NIC cards, and motherboards all have zero day exploits.

    The government has a committee that is said to evaluate these zero day exploits to decide whether to conceal/exploit them or to reveal them to the SW vendor for patching. They are said to weigh the offensive value versus defensive risks. How in the world can one make a factual assessment of the max damage an exploit could cause? The mere idea of making such an assessment is preposterous.

    I worked many years in SW relating to the security of the power grid and nuclear power. We don't use Microsoft and our critical stuff is air gapped, but we are forced to use the same merchant software and hardware as anybody else in the world. It infuriates me that we might have vulnerabilities in our systems that our government knows about but refuses to reveal so that we could fix them. It infuriates me even more when that same government comes with a pitch for public-private partnerships to improve security. The offensive cyber capabilities of our own government are a major source of risk to the defensive vulnerabilities of our civilian critical infrastructure.
     
  5. May 15, 2017 #4

    jedishrfu

    Staff: Mentor

  6. May 15, 2017 #5

    jedishrfu

    Staff: Mentor

    The exploitation of zero days is the outcome of countries jockeying for position in the world causing one country to not trust any other. Many countries have cyber war operations and all are seeking the best exploits.

    It's so sad that we are balkanizing the openness of the internet in so many ways for so many reasons.

    My guess is that eventually we will have a total lockdown on computer updates unless AI technology can somehow identify malware and eliminate it from being downloaded and installed.
     
  7. May 15, 2017 #6

    anorlunda

    Science Advisor
    Gold Member

    For consumer use, that wouldn't be so bad. A laptop with all software in ROM, non-alterable, non-updatable. Discard it when it becomes obsolete. Devices like the Chromebook are halfway there.

    If you study The New Hacker's Dictionary, you'll see that we have been going back and forth on that concept for more than 60 years (I forget the term, it was "the cycle of ..." something). Push intelligence out to the perimeter (smart devices) or centralize the smarts and make the devices dumb. In the future, I predict that we will flip-flop and change our ideas on that issue again and again.
     
  8. May 15, 2017 #7

    jedishrfu

    Staff: Mentor

    Yeah, I've seen that trend of back and forth. We started with terminals. They got smarter when PCs came out, then went back to terminals for X-windows and then back to PCs, and now we see a resurgence of Remote Desktop usage and the air gap.
     
  9. May 15, 2017 #8
    Agreed. When you consider a zero-day exploit as a weapon, it's no wonder why countries invest heavily to stockpile them, though unlike conventional weapons, zero-days are only effective until exposed and patched.
     
  10. Jun 3, 2017 #9

    DavidSnider

    Gold Member

    People have already shown methods to automatically reverse engineer exploits FROM patches. This creates an interesting problem about how to distribute patches.
     
  11. Jun 3, 2017 #10

    jedishrfu

    Staff: Mentor

    It's not too bad of a problem if autoupdate is implemented. Machines would get the patch installed sooner than later, making reverse engineering less feasible.

    Of course that brings up the worry of the updating protocol getting hacked.
     
    Last edited: Jun 25, 2017
  12. Jun 4, 2017 #11
    I was right there with you and then you completely lost me haha. Why not just mandate rolling updates for any computer connected to the internet and make it illegal for government institutions to sit on zero-day exploits?
     
  13. Jun 5, 2017 #12
    I would love to go further and say make it illegal for anyone to sit on zero days.
     
  14. Jun 5, 2017 #13
    Interesting. I had never thought of that. It is certainly a possibility if you consider them a weapon of sorts. However, I think people should be allowed to sit on zero days for two reasons: one, the more rights the better imo and 2, programmers would no longer have an incentive to find exploits. Some people make a living finding security flaws in codes and they should be able to haggle with the companies to reach an appropriate price so they can patch the exploit.
     
  15. Jun 5, 2017 #14

    jedishrfu

    Staff: Mentor

    Perhaps an open auction for exploits would work where anyone could bid for them.
     
  16. Jun 25, 2017 #15
    WHAT!? And get jailed as an "accessory" for selling to the wrong bidder?
     
  17. Jun 25, 2017 #16

    jedishrfu

    Staff: Mentor

    The bidder would get arrested too, right? Problem solved.

    The idea is to take it out of the Dark Web where this already happens and it allows companies to bid on it to keep it from prying eyes. The seller discovered it and waits until the best respectable bidder comes along, but it's out in the open where bad guys might fear to tread.

    Folks could buy it up and then resell it, giving the company an incentive to buy it for good or to change things so that it's ineffective.
     
  18. Jun 25, 2017 #17
    I believe it was tracked to North Korea, although I wouldn't be surprised if they hadn't a clue and just blamed them because everyone would believe it.
     
  19. Jun 25, 2017 #18

    jedishrfu

    Staff: Mentor

    The dark web is strange. Professional hackers can sell their exploits to anyone and never know who buys it.

    State actors like North Korea could easily have found stuff there.
     
  20. Jun 25, 2017 #19
    I don't see how a state actor such as NK has anything to gain from ransomware attacks.
    It's just normal robbery as far as I can see, and although my own PC defense dealt with it, an attempted hack appeared to originate from Poland.
     
  21. Jun 26, 2017 #20

    jedishrfu

    Staff: Mentor

    The advantage to NK is added money to their coffers. The international community has shut down a lot of their revenue streams. The money is needed to keep the gifting economy going. This is the way the leaders of NK have maintained their grip on power all these years.

     