12 Items

teaser image

Analysis & Opinions - Lawfare

Ransomware Remixed: The Song Remains the Same

| June 28, 2017

Trey Herr discusses what proliferation looks like in cyberspace: someone writes a piece of malware, a third party finds it, adapts it, adds in some of their own code or that from an open source project …et voila, a new piece of malware is born. This latest epidemic is based on a commonly used ransomware, combined with a modified version of the NSA’s leaked exploit, and tied together with some new encryption functionality and part of an open source security tool.

Paper - Cyber Security Project, Belfer Center

Countering the Proliferation of Malware

| June 27, 2017

Malicious software is adapted, stolen, bought, and used everyday on a global scale. There are better ways to counter this proliferation than export controls. Policymakers should strengthen incentives for researchers and the private sector to rapidly identify software vulnerabilities, disclose them to developers, patch those vulnerabilities, and adopt those patches. Building on previous debates, this paper makes specific recommendations to shorten the lifecycle of vulnerabilities and improve the short term health of the software security ecosystem.