National security vs computer security
Which of government’s protective functions is more important: safeguarding us against computer hackers or detecting and stopping the next terrorist plot or, perhaps, slowing down a rogue nation’s missile or nuclear program?
As more and more global extortionists demand money in exchange for not shutting down our computers, the question will take on new relevance.
Late last week and early this one, a massive ransomware attack labeled “WannaCry” had disabled thousands of computers in nearly every country. Victims were given the option of paying from $300 to $600 to avoid having their computers shut down by the attack.
There were no reports of U.S. national security computers or networks being affected.
That may have been what prompted a Microsoft official to criticize the U.S. government for “hoarding” information on computer vulnerabilities.
Some such information was leaked out a few months ago by the notorious WikiLeaks organization. Those secrets may have been used to launch “WannaCry.”
But as intelligence officials note, much of what they know and keep secret is used for national security purposes such as invading terrorist computer networks to gain information. As was demonstrated by the Stuxnet attack on Iranian computers a few years ago, some secrets can be used to cripple facilities such as those in nuclear weapons development.
How much national security are we as a nation willing to give up to provide information that might prevent future malware attacks on private computers? It is a fair question for members of Congress.