Should state intelligence agencies stockpile software vulnerabilities?

prototype-wannacry-screenshot-1000In the wake of last week’s WannaCry software attacks, security experts uncovered that the ransomware was based on NSA stored exploits that were inadvertently leaked.

Along a similar vein, it was also discovered that the same Microsoft Windows exploit has been used silently for months to hijack processing power of personal computers to mine the cryptocurrency Monero.

The scale of the WannaCry attack was devastating with close to 100,000 systems across the world compromised. Among the worst affected was the UK’s NHS, with some hospitals forced to stop accepting patients for a period.

The attack raises considerable questions around the ‘silo’ mentality of cybersecurity and the role of government intelligence bodies in exploiting vulnerabilities.

Read more: Business Insider / The Conversation / WSJ / ABC / MIT Tech Review / Verge

Image: Screenshot of the WannaCry ransomware. By WannaCry

This story is taken from the 19 May 2017 edition of The Warren Centre’s Prototype newsletter. Sign up for the Prototype here.