#hw Turn in a short essay (1-2 pages) with your thoughts on the following two items:
First, we obviously blame the parties who wrote and released the attack code. However, we may argue that the responsibility (blame) for disruption should be shared by the people/companies that produced software with security vulnerabilities and by the software operators (victims) for not having better protections and recovery mechanisms.
What do you think? How should we view this?
Second, this is state-sponsored bad behavior as contrasted with that of a criminal or criminal group. How should the international community react to behaviors such as this?
Article Notes - NotPetya
NotPetya
- Penetration tool ExternalBlue — allows hackers to remotely run code on unpatched Windows machines
- Mimikatz — finds passwords in computer RAM and use them to infiltrate other machines with the same credentials. Attacks indiscriminately, and affects countries beyond it’s target.
- 10 Billion $ in total damages