• Queue
    link
    fedilink
    arrow-up
    16
    ·
    3 months ago

    When WannaCry was a major threat to cybersecurity, shutting down banks and hospitals, it was found that it used a backdoor Microsoft intentionally kept open for governments to use.

    https://en.wikipedia.org/wiki/WannaCry_ransomware_attack

    EternalBlue is an exploit of Microsoft’s implementation of their Server Message Block (SMB) protocol released by The Shadow Brokers. Much of the attention and comment around the event was occasioned by the fact that the U.S. National Security Agency (NSA) (from whom the exploit was likely stolen) had already discovered the vulnerability, but used it to create an exploit for its own offensive work, rather than report it to Microsoft.[15][16]

    https://en.wikipedia.org/wiki/EternalBlue

    EternalBlue[5] is a computer exploit software developed by the U.S. National Security Agency (NSA).[6] It is based on a vulnerability in Microsoft Windows that allowed users to gain access to any number of computers connected to a network. The NSA knew about this vulnerability but did not disclose it to Microsoft for several years, since they planned to use it as a defense mechanism against cyber attacks.

    In real life, if I do not prevent someone from doing a crime that I am aware of was premeditated, I am guilty of not doing my duty. Corporations are people thanks to Citizens United, and governments are ran by people, so uphold them to the same standards they subject the populace to.

    • troed@fedia.io
      link
      fedilink
      arrow-up
      6
      ·
      3 months ago

      Well. Your sources don’t say Microsoft kept it. They say NSA didn’t report it to Microsoft so that they would be able to keep using it.