Earlier this month, May 2017, hospitals, corporations, and government offices in 74 countries around the world, were hit by ransomeware attacks. Ransomware is malicious software that locks a computer and it’s data with strong cryptographic algorithms, until the owners of the computer pay a ransome.
Interestingly, the computer code used in crafting the malicious software that compromised those systems with ransomeware was derived from code developed by the United States’ National Security Agency (NSA). The NSA had identified security flaws in the Microsoft Windows operating systems and rather than contact Microsoft to get the vulnerabilities patched, they created exploit code. Presumably, those vulnerabilities enabled the NSA to access the computers (and data of their targets). In August 2016, several NSA hacking tools and information security exploit code were leaked by a hacker group, who refer to themselves as Shadow Broker. Those leaks have provided Cybercriminals with sophisticated and free firepower for their arsenal.
Should the NSA and similar organizations hoard security vulnerabilities or backdoors, rather than help to secure broadly used systems when such flaws are found?
Do security backdoors discovered and kept by government agencies, improve or lower national security?
Read more about these latest ransomware attacks on ArsTechnica
