Reuters | By: Dustin Volz | Washington | Cyber Risk | Sat May 13, 2017 | 7:17am EDT:
A global cyber attack on Friday renewed concerns about whether the U.S. National Security Agency and other countries’ intelligence services too often hoard software vulnerabilities for offensive purposes, rather than quickly alerting technology companies to such flaws.
Hacking tools believed to belong to the NSA that were leaked online last month appear to be the root cause of a major cyber attack unfurling throughout Europe and beyond, security researchers said, stoking fears that the spy agency’s powerful cyber weapons had been stolen and repurposed by hackers with nefarious goals.
Some cyber security experts and privacy advocates said the massive attack reflected a flawed approach by the United States to dedicate more cyber resources to offense rather than defense, a practice they argued makes the internet less secure.
Across the U.S. federal government, about 90 percent of all spending on cyber programs is dedicated to offensive efforts, including penetrating the computer systems of adversaries, listening to communications and developing the means to disable or degrade infrastructure, senior intelligence officials told Reuters in March. (reut.rs/2o7qHqN)
“These attacks underscore the fact that vulnerabilities will be exploited not just by our security agencies, but by hackers and criminals around the world,” Patrick Toomey, a staff attorney with the American Civil Liberties Union, said in a statement.
The NSA did not respond to a request for comment.
To read full article – please click here.
