[1]The Strange WannaCry Attribution:
I've been trying to figure out why the U.S. government thought it
was useful to attribute the "WannaCry" attack to North Korea …
… I must be missing something here. Probably what I am missing is
that the public attribution sends an important signal to the North
Koreans about the extent to which we have penetrated their cyber
operations and are watching their current cyber activities. But that
message could have been delivered privately, and it does not explain
why the United States delayed public attribution at least six months
after its internal attribution, and two months after the U.K. had
done so publicly. Perhaps the answer to the delay question, and
another thing I am missing, is that the public attribution is part
of a larger plan related to a planned attack on North Korea because of
its nuclear threat. Bossert's unconvincing op-ed and incoherent
press conference wouldn't support either interpretation; and if
either interpretation is right, it still comes at a cost to general
deterrence. But perhaps, surely, hopefully, there is more here than
meets the eye.
(Via [2]Lawfare - Hard National Security Choices)
This WannaCry Attribution was a head scratcher for me, too. Listeners
of the late lamented PVC Security podcast know that I am generally not
a fan of attribution, or more specifically see only limited real-life
usefulness for 97% of companies' and individuals' security. For
governments, intelligence agencies, the military, and law enforcement
there is more value, but how much value so far after the fact?
This piece by Jack Goldsmith lays out pretty much every issue I have
with this plus provides something of a timeline for those for whom this
is ancient history (in security terms, anyway).
Got a theory or opinion on this?
__________________________________________________________________
My original entry is here: [3]The Strange WannaCry Attribution. It
posted Thu, 21 Dec 2017 23:43:29 +0000.
References
1. https://www.lawfareblog.com/strange-wannacry-attribution
2. https://www.lawfareblog.com/recent
3. https://www.prjorgensen.com/?p=774