Thursday, October 31, 2024

Did Kim Jong Un Really Release the WannaCry Virus?

December 22, 2017 by  
Filed under Choosing Lingerie

Comments Off

This article first appeared on Just Security.

The Trump Administration this week formally accused the North Korean government of responsibility for the WannaCry ransomware attacks that hobbled hundreds of thousands of computers “in more than 150 countries” in May 2017.

The accusation came first in a Wall Street Journal op-ed by U.S. Homeland Security Advisor Tom Bossert Monday night. At a press briefing on Tuesday, Bossert explained that North Korea’s “malicious behavior is growing more egregious, and . . . [t]he attribution is a step towards holding them accountable  . . .”

He noted, “We do not make this allegation lightly. We do so with evidence, and we do so with partners. Other governments and private companies agree. The United Kingdom, Australia, Canada, New Zealand, and Japan have seen our analysis, and they join us in denouncing North Korea for WannaCry.”

GettyImages-888602108 This undated picture released from North Korea’s official Korean Central News Agency (KCNA) on December 09, 2017 shows North Korean leader Kim Jong-Un visiting Mount Paektu in Ryanggang Province. AFP/Getty

The attribution is in many ways unsurprising. Private companies alleged North Korean involvement within days of the ransomware’s spread, and the Washington Post reported in June that the National Security Agency had concluded that North Korea was behind the WannaCry worm.

Nonetheless, the attribution raises several important questions.

1. Where’s the evidence?

Attribution by op-ed doesn’t lend itself to technical detail. Prior U.S. attributions, particularly the attribution of the Sony hack to North Korea three years ago, have come in for criticism for providing insufficient detail to support accusations, and this attribution is the least-supported to date.

When asked in the press briefing about the basis for the U.S. accusation, Bossert said, “What we did was, rely on — and some of it I can’t share, unfortunately — technical links to previously identified North Korean cyber tools, tradecraft, operational infrastructure.”

This may be sufficient given the accusations against North Korea by the private sector, and even the UK government, over the last few months. But it does little to set an example or establish an evidentiary best practice for states to follow in attributing future cyberattacks to states or state-sponsored actors.

It is especially unlikely to satisfy states that pushed for a statement in the 2015 UN Group of Governmental Experts report that “accusations of organizing and implementing wrongful acts brought against States should be substantiated.”

2. What should be the respective roles of the government and private companies?

Although Bossert announced no governmental action besides the attribution itself, he praised the actions of private companies.

He said, “We applaud our corporate partners, Microsoft and Facebook especially, for acting on their own initiative last week without any direction by the U.S. government or coordination to disrupt the activities of North Korean hackers. Microsoft acted before the attack in ways that spared many U.S. targets.”

This praise is consistent with prior U.S. government statements emphasizing the important role that private parties play in cybersecurity, but it’s rendered more interesting here because of the circumstances of WannaCry.

As the New York Times reported in May, the ransomware exploited a vulnerability in Microsoft Windows that was revealed when the Shadow Brokers divulged hacking tools stolen from the National Security Agency. Microsoft patched the vulnerability before WannaCry’s release, but the ransomware spread widely on unpatched systems.

In a blog post in May, Microsoft President Brad Smith argued that the ransomware “provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem” and that “an equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen.”

Smith said Tuesday that Microsoft “helped disrupt the malware [the hackers known as the Lazarus] group relies on, cleaned customers’ infected computers, disabled accounts being used to pursue cyberattacks and strengthened Windows defenses to prevent reinfection.”

Facebook similarly said that it deleted accounts linked to the hackers and notified others who were in contact with those accounts.

The importance of private actions to the mitigation of the threats from North Korea illustrates what I have called the “public-private cybersecurity system” in the United States.

This system gives private parties a quasi-governmental role, casting them as crime fighters and national security defenders, and blurs the line between the government and the private sector in ways that raise important issues about accountability, transparency, and other public values.

As the WannaCry incident shows, threats to public values may come from governmental or private actors—and so can protective measures.

But figuring out how to manage public-private cybersecurity to best protect individuals, institutions, and society at large is becoming increasingly crucial as the blurring of public and private roles may now be close to explicit U.S. government policy.

At the White House press briefing, Jeanette Manfra, the Department of Homeland Security’s Assistant Secretary for Cybersecurity and Communications, said : “Our adversaries are not distinguishing between public and private, so neither should we.”

3. Did North Korea violate international law?

Once again, governments have missed an opportunity to clarify the bounds of international law in cyberspace.

Bossert’s op-ed and comments at the press briefing strongly condemn North Korea’s actions, but do not clarify whether the United States regards them as a violation of international law.

In a press release, the UK Foreign Office Minister for Cyber, Lord Ahmad of Wimbledon, issued a similar condemnation and said, “International law applies online as it does offline.” But he stopped short of saying that WannaCry violated international law.

States agreed in the UN Group of Governmental Experts that “[a] State should not conduct or knowingly support [information and communications technology] activity contrary to its obligations under international law that intentionally damages critical infrastructure or otherwise impairs the use and operation of critical infrastructure to provide services to the public” (para. 13(f)).

WannaCry clearly impaired the use of critical infrastructure: it severely disrupted the functioning of UK hospitals, among many other affected entities.

So were North Korea’s actions “contrary to its obligations under international law” or not?

The silence on the international law questions could mean that governments do not think that there was an international law violation. Or it could mean there is disagreement within different governments or between different governments about whether there was an international law violation and if so, which principle of international law was violated.

Yet another possibility is that states do agree that WannaCry violated international law, but are making a policy choice not to call North Korea’s actions a legal violation in order to avoid creating public expectations about the need for governments to respond. This may be particularly attractive for the United States, which escaped much of WannaCry’s impact.

Nonetheless, if international law is to develop, at some point states must determine and publicly explain how international law applies to attacks like WannaCry, the Sony Pictures hack, and Russian election interference.

By refraining from legal characterization of governments’ actions in cyberspace, states are missing the chance to develop international law, which could ultimately justify additional responses to bad actions by states, beyond just naming and shaming.

Kristen Eichensehr is an Assistant Professor at UCLA School of Law, Affiliate Scholar at Stanford Law School’s Center for Internet and Society and Former Special Assistant to the Legal Adviser of the U.S. Department of State.

p:last-of-type::after, .node-type-slideshow .article-body > p:last-of-type::after{content:none}]]>

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Ice, snow and rain from 3 storms to hinder Christmas travel in central, eastern US

December 22, 2017 by  
Filed under Choosing Lingerie

Comments Off

As millions take to the roads or prepare to fly to their destinations, winter storms will be on the prowl in the central and eastern United States through Christmas morning.

A record 107.3 million people will take to planes, trains, aircraft and buses during the period from Saturday, Dec. 23, through Monday, Jan 1, according to the American Automobile Association (AAA).

While no intense storms are forecast, there will be areas of rain, ice and snow affecting heavily populated areas and popular travel routes.

The first storm will move on to target areas from the upper Gulf coast to the lower Great Lakes, central and southern Appalachians and the Interstate 95 corridor of the Northeast with rain from Friday to Saturday.

Snow, ice and treacherous travel from the first storm will spread from the central Great Lakes to part of the central Appalachians and New England into Saturday.

RELATED: 2017 winter weather predictions

This year’s Farmer’s Almanac predicts less precipitation in the Pacific Northwest and Upper Midwest, but other areas might not be so lucky …

Source: www.almanac.com

The National Oceanic and Atmospheric Administration predicted La Nina will potentially emerge this winter season, bringing with it above-average precipitation and below-average cold temperatures.

Source: www.noaa.gov

For example, the Rockies would likely be rocked with abundant snowfall, while the Midwest would be plagued with blasts of cold air.

Source: www.accuweather.com

Another more wonky model from Atmospheric and Environmental Research predicts that colder temperatures could hit the East Coast if there is a stratospheric polar vortex disruption.

Changes in the jet stream have a direct impact on weather patterns, and in the earliest days of December Americans could see a cold front and snow in the Plains and upper Great Lakes.

Up Next

See Gallery




 

Another storm to blanket Rockies, Plains and Upper Midwest with snow into Christmas Eve

The second storm of concern will bring accumulating snow to the central Rockies, including the Denver area on Saturday, before turning eastward Saturday night and Sunday.

It is this second storm that has the greatest potential to leave some snow on the ground for a white Christmas in parts of the central Plains, Ohio Valley states and central Appalachians.

Airline delays will be possible due to deicing operations while portions of I-25, I-35, I-69, I-70, I-74, I-75, I-77, I-80 and I-90 will be slippery.

Accumulating snow is forecast in Omaha, Nebraska; Kansas City, Missouri; Des Moines, Iowa; St. Louis; Chicago; Indianapolis; Detroit; Cleveland and Toronto as it rolls out Saturday night and Christmas Eve. Snow may cover the ground in Evansville, Indiana; Louisville, Kentucky; and Cincinnati, Dayton and Columbus, Ohio.

Snow showers may linger over the central and northern Rockies in the wake of the storm.

The same storm is also projected to spread snow into parts of Pennsylvania, West Virginia and western New York at night on Christmas Eve.

RELATED: 
Where in the US is a white Christmas most likely this year? 
Dangerous cold to settle over north-central US by Christmas Day 
Best and worst days, times to travel during the Christmas holiday 
Holiday air travel: 5 health risks and tips to avoid them 
Why the devastating California wildfires have been so unusual, extreme this December

It is after dark on Christmas Eve, when the storm from the Midwest will attempt to join up with a budding storm along the Atlantic coast.

Third storm to bring snow to part of mid-Atlantic, New England Sunday night to Christmas Day

The track and strength of the storm, as well as the speed at which much colder air arrives, will determine the form of precipitation from parts of eastern Pennsylvania and New Jersey to southeastern New England from Sunday night to early Christmas Day.

At this time, all or mostly rain is forecast from Washington, D.C., to Philadelphia and Atlantic City, New Jersey.

However, snow and sleet are likely to mix in toward the end of the storm from near Allentown and Scranton, Pennsylvania, to Trenton, New Jersey; New York City; Hartford, Connecticut; Providence, Rhode Island; and Boston late Sunday night to Christmas morning.

If the two storms merge together and strengthen at a fast pace, then accumulating snow may fall as far to the southwest as Washington, D.C.

The storms are likely to come together fast enough to bring a heavy snowfall for much of central and northwestern New England and northeastern New York state on Christmas Day. It is in these areas where travel to church services, friends and family may be difficult.

Elsewhere, dry weather and a wildfire risk will continue in California, while a couple of storms may bring rounds of mixed precipitation to the coastal Northwest into Christmas Day.

Much colder air entering the middle of the nation during the weekend prior to Christmas will be just the start of a frigid weather pattern for many. Aside from storms, a broadening blast of cold air will be a major factor in the weather during the week of Christmas.

The frigid air will unleash bands of lake-effect snow and may pave the way for snow and ice as additional storms are likely to come about.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS