Ransomware attack reveals breakdown in US intelligence protocols, expert says | Technology | The Guardian

Edward Helmore in New York



Saturday 13 May 2017 13.41 EDT Last modified on Saturday 13 May 2017 14.18 EDT

The attack that temporarily crippled the NHS in Britain and dozens of other institutions across Europe and Russia reveals the failure of the US government’s protocols for warning software developers and the private sector about system vulnerabilities, a cyber-security expert told the Guardian.



Under the vulnerability equities process (VEP) established by the US government, US intelligence agencies are supposed to collectively determine whether to disclose a vulnerability it has obtained or discovered – so the software developer has a chance to fix the problem – or withhold the information to use the flaw for offensive or defensive purposes.



“The NSA is supposed to lead the vulnerability equities process with all the other government agencies gathered round to discuss their interests in the vulnerability, and to weigh the offensive capabilities against defensive concerns for the private sector and US interests,” said Adam Segal, the director of the digital and cyberspace policy program at the Council on Foreign Relations. The EternalBlue-WanaCrypt0r attack showed that the NSA did not reveal the vulnerability it had discovered before it was stolen and apparently auctioned off, Segal said.



Ransomware attack reveals breakdown in US intelligence protocols, expert says | Technology | The Guardian