论文部分内容阅读
In mid-May, multiple variants of a ran- somware computer encryption virus named WannaCry rocked the Internet. The hackers behind the attack demanded money in digital currency bitcoin by encrypting computer users’ files and locking them out of their computers. Incomplete statistics showed that tens of thousands of computers in over 150 countries have been attacked. Since this globetrotting ransomware was allegedly adapted from stolen cyber weapons developed by the U.S. National Security Agency (NSA), the WannaCry attack can thus be seen as a living example of the proliferation of state cyber weapons.
Extensive impact
Ransomware attacks are not alien to the public. Many businesses had fallen victim to them before the recent WannaCry virus. Initially, hackers used the denial-of-service programs to attack corporation websites in order to demand payments. In the last few years, hackers have developed software to encrypt victims’computer fi les for ransom money. As business operations of corporations increasingly depend on the Internet, the chances for ransomware attacks have escalated.
At the same time, such attacks are diffi cult to punish as the culprits often come from abroad and use anonymous accounts, dummy addresses and bitcoin for payment. With almost zero cost, a single ransomware attack can bring thousands or even millions of dollars for the hackers. And since corporations worry that being a victim of a ransomware attack would tarnish their image, some are reluctant to report such crimes to law enforcement agencies after paying a ransom.
The WannaCry virus has created many firsts in the history of cybercrime. It is the first worldwide synchronized cyberattack. And its spreading scope and speed exceeded previous incidents. Preliminary statistics show that more than 100,000 computers were hit synchronously in a split second. In China, more than 20,000 computers were infected, mainly in universities and some governmental organs.
Moreover, the means of the malware’s spreading was more aggressive and vicious. Previously, ransomware viruses attacked Internet users usually by phishing, and if users were cautious enough, they could avoid opening suspicious attachments or links. However, WannaCry takes advantage of the vulnerability of the Windows operating system. Its development was based on a highly-advanced hacking tool created by the NSA. Unlike phishing or spear phishing attacks, WannaCry spreads without exploiting user interactions. It is estimated that WannaCry could launch more than 4,000 attacks per hour. To stop such attacks, Microsoft released a patch for its Windows XP operating system after having ended support for it since 2014.
The WannaCry attack has resulted in damage to parts of key infrastructure facilities and even casualties in some countries. Some affected gasoline stations in China had to suspend their service. Some British hospitals also postponed operations due to the attack. For a long time, Western countries have worried about terrorist attacks on key infrastructure facilities such as hospitals, dams or power stations. This time, they have unexpectedly arrived in an unconventional way.
Seeds of the crime
The WannaCry attack reflects the status quo of the global cybersecurity system. As a global leader in Internet technology, the United States hasn’t played a role in boosting its healthy development, but instead puts more effort into building its cyberattack deterrence capacity in order to maintain its hegemony in the cyber world. Former CIA employee Edward Snowden’s disclosures of U.S. cyber activities sounded a warning to the world about the possible risks of misusing this capacity, but it seems that few had taken his warning seriously.
In 2009, the United States set up its Cyber Command, kicking off the global arms race in cyberspace. Besides independent research and development of cyber weapons, the U.S. army also purchases cyberattack tools and loophole information on the black market, indirectly encouraging the growth of underground hacking, while hindering the sharing and repairing of global database loopholes.
Such actions have caused the situation to quickly escalate out of control. In recent years, advanced cyberattack weapons, developed by U.S. intelligence agencies, including the NSA and FBI, have flown continually into the hands of hackers. Last August, hacker group Shadow Brokers penetrated the NSA’s computer systems and filched a large number of hacking tools. Shadow Brokers displayed some of their spoils on the Internet for free. The organization also put some of the highly-advanced cyberattack weapons up for auction, including those which can break through the fi rewalls of tech companies Cisco and Huawei. The WannaCry ransomware was developed based on the NSA’s cyberattack exploit named EternalBlue. Microsoft compared the NSA’s loss of control of the software to “the U.S. military having some of its Tomahawk missiles stolen.” These terrible cyberattack weapons are likely to become a nightmare for Internet users around the world. In an era of globalized information, it is impossible for the United States to survive cyberattacks alone.
Worse still, the global cyberspace arms race has also made international cooperation on cybersecurity less attractive, as some countries believe it will restrain their own cyber activities. But the governance of cyberspace and maintenance of cybersecurity need sincere cooperation among the international community.
A chaotic world
The WannaCry attack has shown to the world that the militarization of cyberspace will bring huge risks to its security. The increasing cost of cybersecurity may possibly change the public’s recognition and attitude toward the Internet. Such a consequence may erode the foundation of the cyber economy and delay the development of Internet technology to a certain degree.
In facing the threat of highly-advanced cyberattack weapons, traditional network security policies are becoming less effective. Though the spread of the WannaCry virus was finally stopped due to its defect, its outbreak has proved how fragile current mainstream network security policies are. Physical isolation measures show their vulnerability in particular. As new security policies are not yet mature and have not been universally promoted, similar incidents may continue to emerge, bringing about devastating impacts to human society.
The WannaCry attack has come to an end, but the global cybersecurity situation is still not optimistic. Shadow Brokers recently announced that they would regularly sell hacking tools it burgled from the NSA, including those targeting cellphones, routers, the Windows 10 operating system as well as the electronic fi nancial-messaging system of the Society for Worldwide Interbank Financial Telecommunication. In the meantime, WikiLeaks has also disclosed hacking tools leaked from the FBI.
Severe cyberattacks cannot be effectively contained unless the international community has a clear understanding of the risks brought about by the militarization of the virtual world. In the upcoming years, the world is likely to witness more destructive hacking activities. If countries across the world can take joint action, the chaotic cyber world may regain peace in a much shorter time. But if the United States still wantonly continues its efforts to militarize cyberspace, the Internet will eventually lose its value and become full of Trojans, viruses and worms.
Extensive impact
Ransomware attacks are not alien to the public. Many businesses had fallen victim to them before the recent WannaCry virus. Initially, hackers used the denial-of-service programs to attack corporation websites in order to demand payments. In the last few years, hackers have developed software to encrypt victims’computer fi les for ransom money. As business operations of corporations increasingly depend on the Internet, the chances for ransomware attacks have escalated.
At the same time, such attacks are diffi cult to punish as the culprits often come from abroad and use anonymous accounts, dummy addresses and bitcoin for payment. With almost zero cost, a single ransomware attack can bring thousands or even millions of dollars for the hackers. And since corporations worry that being a victim of a ransomware attack would tarnish their image, some are reluctant to report such crimes to law enforcement agencies after paying a ransom.
The WannaCry virus has created many firsts in the history of cybercrime. It is the first worldwide synchronized cyberattack. And its spreading scope and speed exceeded previous incidents. Preliminary statistics show that more than 100,000 computers were hit synchronously in a split second. In China, more than 20,000 computers were infected, mainly in universities and some governmental organs.
Moreover, the means of the malware’s spreading was more aggressive and vicious. Previously, ransomware viruses attacked Internet users usually by phishing, and if users were cautious enough, they could avoid opening suspicious attachments or links. However, WannaCry takes advantage of the vulnerability of the Windows operating system. Its development was based on a highly-advanced hacking tool created by the NSA. Unlike phishing or spear phishing attacks, WannaCry spreads without exploiting user interactions. It is estimated that WannaCry could launch more than 4,000 attacks per hour. To stop such attacks, Microsoft released a patch for its Windows XP operating system after having ended support for it since 2014.
The WannaCry attack has resulted in damage to parts of key infrastructure facilities and even casualties in some countries. Some affected gasoline stations in China had to suspend their service. Some British hospitals also postponed operations due to the attack. For a long time, Western countries have worried about terrorist attacks on key infrastructure facilities such as hospitals, dams or power stations. This time, they have unexpectedly arrived in an unconventional way.
Seeds of the crime
The WannaCry attack reflects the status quo of the global cybersecurity system. As a global leader in Internet technology, the United States hasn’t played a role in boosting its healthy development, but instead puts more effort into building its cyberattack deterrence capacity in order to maintain its hegemony in the cyber world. Former CIA employee Edward Snowden’s disclosures of U.S. cyber activities sounded a warning to the world about the possible risks of misusing this capacity, but it seems that few had taken his warning seriously.
In 2009, the United States set up its Cyber Command, kicking off the global arms race in cyberspace. Besides independent research and development of cyber weapons, the U.S. army also purchases cyberattack tools and loophole information on the black market, indirectly encouraging the growth of underground hacking, while hindering the sharing and repairing of global database loopholes.
Such actions have caused the situation to quickly escalate out of control. In recent years, advanced cyberattack weapons, developed by U.S. intelligence agencies, including the NSA and FBI, have flown continually into the hands of hackers. Last August, hacker group Shadow Brokers penetrated the NSA’s computer systems and filched a large number of hacking tools. Shadow Brokers displayed some of their spoils on the Internet for free. The organization also put some of the highly-advanced cyberattack weapons up for auction, including those which can break through the fi rewalls of tech companies Cisco and Huawei. The WannaCry ransomware was developed based on the NSA’s cyberattack exploit named EternalBlue. Microsoft compared the NSA’s loss of control of the software to “the U.S. military having some of its Tomahawk missiles stolen.” These terrible cyberattack weapons are likely to become a nightmare for Internet users around the world. In an era of globalized information, it is impossible for the United States to survive cyberattacks alone.
Worse still, the global cyberspace arms race has also made international cooperation on cybersecurity less attractive, as some countries believe it will restrain their own cyber activities. But the governance of cyberspace and maintenance of cybersecurity need sincere cooperation among the international community.
A chaotic world
The WannaCry attack has shown to the world that the militarization of cyberspace will bring huge risks to its security. The increasing cost of cybersecurity may possibly change the public’s recognition and attitude toward the Internet. Such a consequence may erode the foundation of the cyber economy and delay the development of Internet technology to a certain degree.
In facing the threat of highly-advanced cyberattack weapons, traditional network security policies are becoming less effective. Though the spread of the WannaCry virus was finally stopped due to its defect, its outbreak has proved how fragile current mainstream network security policies are. Physical isolation measures show their vulnerability in particular. As new security policies are not yet mature and have not been universally promoted, similar incidents may continue to emerge, bringing about devastating impacts to human society.
The WannaCry attack has come to an end, but the global cybersecurity situation is still not optimistic. Shadow Brokers recently announced that they would regularly sell hacking tools it burgled from the NSA, including those targeting cellphones, routers, the Windows 10 operating system as well as the electronic fi nancial-messaging system of the Society for Worldwide Interbank Financial Telecommunication. In the meantime, WikiLeaks has also disclosed hacking tools leaked from the FBI.
Severe cyberattacks cannot be effectively contained unless the international community has a clear understanding of the risks brought about by the militarization of the virtual world. In the upcoming years, the world is likely to witness more destructive hacking activities. If countries across the world can take joint action, the chaotic cyber world may regain peace in a much shorter time. But if the United States still wantonly continues its efforts to militarize cyberspace, the Internet will eventually lose its value and become full of Trojans, viruses and worms.