An IoT botnet is trying to nuke Wcry's killswitch

Hm. Really? I’ll have to think about this some more, but I’m not so sure I agree. [quote=“LutherBlisset, post:16, topic:101293”]
regardless of the criminal’s background, their intentions it is not war.
[/quote]

If it’s aimed at undermining public infrastructure and public faith in our systems, rather than just extorting people, would that count? I mean, hasn’t war morphed over the centuries anyway?

I felt that way about the whole “clash of civilization” thesis, and look how that’s turned out! :frowning:

1 Like

I think Stuxnet was clearly an act of war. It was a government created weapon designed to destroy industry of a perceived enemy. The fact that the damage was done with a malicious program rather than bombs is of less importance than the intention.

3 Likes

War is something very different from sabotage. Even if it is state-sponsored sabotage. International law is a fiddly affair anyway, but war is very high on the scale of escalation.

Just imagine that infrastructure in a NATO member state would be hacked. By using a broadened definition of war, this could trigger article five.

You know. NATO. That includes states which block the access to Twitter and YouTube, states which hack each other’s AND other parties communications systems. But which the same time have how many nuclear warheads? How many megatons of conventional explosives? I can’t even be bothered to look up the numbers, but as stated, I can’t accept even stuxnet as an act of war. To accept this is simply bullshitting ourselves about definitions.

Nobody in their right mind can accept that anything like stuxnet should be legal. But treating it as an act of war instead of a criminal act triggers a whole other level of escalation. Under international law, this could legally trigger a military response.

If we don’t accept this narrative as given, we are questioning this. It must be possible to find civil legal solutions in international law.

1 Like

I’m not sure the “clash” did turn out in any way. Most off all, it seems to be a catchphrase ro intellectually “legitimate” racism.

They already do this (redirecting invalid or certain domains to some special search portal is commonplace). This is why I never use ISP DNS servers instead using Google or OpenDNS.

At least ensuring that this killswitch domain is accessible serves a common good.

Registering the kill switch domain and pointing it to your own web server is not the best solution at all, many machines around the world have difficulties connecting to the server and suffering from heavy packet loss, and it greatly reduces the effectiveness of the kill switch.

Darien Huss does it for collecting data of the worm, but for sake of all users, he really should point the domain to a large CDN such as CloudFlare (a.k.a the Great Cloudwall) or even google.com to prevent more machines being inflected and it is more important than data gathering. It also eliminates the problem of DDoS attacks.

I think if you read the book the ideology is based on, that’s entirely true. Doesn’t mean that our public policy hasn’t been fundamentally shaped by it in the past decade and a half or more. And it was a two way construction, as people like Bin Laden operated from a similar set of values and ideas, that the only hope for a full decolonization of the middle east was through doubling down on what he viewed as proper Islamic values, enforced by force, pushing out who he viewed as colonial forces in the holy land.

It’s spread by a worm; the worm has to be introduced into networks at some point. It is definitely not hitting all vulnerable machines as I have been patching them for over a week without actually seeing an infection.
Someone introduced the worm into the NHS network and someone introduced it into the Russian internal network. I know enough about NHS systems to know that it wasn’t simply collateral damage.

2 Likes

This topic was automatically closed after 5 days. New replies are no longer allowed.