Bits: Looking for Someone to Blame in the Ransomware Attack

View in [Browser]( | Add nytdirect@nytimes.com to your address book. [The New York Times]( [The New York Times]( Tuesday, May 16, 2017 [For the latest updates, go to nytimes.com/bits »]( [Microsoft offices in Midtown Manhattan in February. The company took the unusual step of releasing a security update for versions of Windows that it no longer supports to combat the WannaCry attack.]( Microsoft offices in Midtown Manhattan in February. The company took the unusual step of releasing a security update for versions of Windows that it no longer supports to combat the WannaCry attack. George Etheredge for The New York Times [Spreading the Blame Around]( If the ransomware attack that has spread throughout the world has taught us one thing, it is the benefits of legally obtained software. Computer users around the world — particularly in Russia and China — [struggled into a fourth day with a cyberattack]( that locked them out of their computers. Now the question is: Who is responsible for this? The obvious answer, of course, is the hackers who set the malware loose. But plenty of others can take some of the blame for enabling their global assault: ■ The National Security Agency. The agency discovered the Windows vulnerability that allowed the ransomware attack to occur and seems to have kept it among a growing collection of software vulnerabilities [that it doesn’t tell anyone about](. What’s more, the agency lost control of this secret information, and it was posted on internet forums for any savvy — [or not so savvy]( — hacker to deploy. ■ Microsoft. Microsoft is, of course, responsible for making sure the [security of its software is up to snuff](. And when the software is not, the implications can very quickly become global. In fairness, the company issued a patch for the vulnerability several months ago. It also issued a special patch for Windows XP, which hasn’t been fully supported for several years. Should the company continue to support its software regardless of how old it is? It’s a fair question. But that leads us to the next responsible party. ■Bad technology managers. Microsoft can put out all the right patches, but it’s up to tech managers to install those fixes. Clearly, [that was not done in many locations](. In fact, some government agencies appear to have been using Windows XP, which first hit the market in 2001. Microsoft stopped fully supporting it three years ago. Let’s think about that another way: Imagine in 2001 that we were still using software written in 1986 — one year after the first version of Windows was released. It would seem ridiculous. ■Software pirates. It is no coincidence that two of the countries hardest hit by the [rans]( attack were China and Russia](. For years, Microsoft and other Western software companies have bitterly complained that software piracy was rampant in those countries. And when you use stolen software, you tend not to get security updates from the company. — Jim Kerstetter Read More Tech Fix [How to Protect Yourself From Ransomware Attacks]( By BRIAN X. CHEN Some tips from computer security experts. [In Computer Attacks, Clues Point to Frequent Culprit: North Korea]( By NICOLE PERLROTH AND DAVID E. SANGER Indicators are far from conclusive, but intelligence officials and private security experts say that North Korean-linked hackers are likely suspects in global ransomware attacks. [In Ransomware Attack, Where Does Microsoft’s Responsibility Lie?]( By NICK WINGFIELD For years, the company has tried to change the perception that its software was vulnerable to hackers. A global cyberattack renewed those issues. [The Fallout From a Global Cyberattack: ‘A Battle We’re Fighting Every Day’]( By STEVE LOHR AND LIZ ALDERMAN Two prestigious Chinese universities, a movie theater chain in South Korea and Japanese automakers were affected, but copycat variants did not seem to have materialized. [All About Bitcoin, the Mysterious Digital Currency]( By NATHANIEL POPPER What is Bitcoin and where did it come from? Here is information about the electronic currency that hackers behind the global ransomware attack are demanding. ADVERTISEMENT More From The Times [Facebook Gets Slap on the Wrist from 2 European Privacy Regulators]( By MARK SCOTT Data protection watchdogs in France and the Netherlands ruled that the social network had collected too much information on users in those countries. [Web Defenders Detect Russian Hand in Iranians’ Hacking Attempt]( By NICOLE PERLROTH While foiling an attack on a military contractor, investigators watched Iranians use a tool that had also been deployed to compromise Ukraine’s power grid. [Thailand Warns Facebook After Video Seems to Show King in Crop Top]( By MIKE IVES AND PAUL MOZUR The government was demanding the removal of dozens of pages that it said had illegally insulted the monarchy a few weeks after the video was widely shared online. [After Leaving Google, Bill Maris Is Set to Open New Fund]( By MICHAEL J. DE LA MERCED The venture capital fund, Section 32, with $150 million under management, will invest in a broad array of sectors. Tech Tip [Use Your Phone as a Digital Magnifying Glass]( By J. D. BIERSDORFER Like other mobile platforms, Apple’s iOS 10 software includes a feature to make reading the fine print easier through your phone. Itineraries [Investing in Tech to Tackle an Awful Annoyance: Lost Luggage]( By MARTHA C. WHITE The number of stray bags is lower than ever, attributable both to new technology and charges for checking luggage, but there’s room for improvement. HOW ARE WE DOING? We’d love your feedback on this newsletter. Please email thoughts and suggestions to [bits_newsletter@nytimes.com](mailto:bits_newsletter@nytimes.com?subject=Bits%20Newsletter%20Feedback%20223). ADVERTISEMENT LIKE THIS EMAIL? Forward it to your friends, and let them know they can sign up [here](. FOLLOW BITS [Twitter] [@nytimesbits]( Get more [NYTimes.com newsletters »]( | Get unlimited access to NYTimes.com and our NYTimes apps. [Subscribe »]( ABOUT THIS EMAIL You received this message because you signed up for NYTimes.com's Bits newsletter. [Unsubscribe]( | [Manage Subscriptions]( | [Change Your Email]( | [Privacy Policy]( | [Contact]( | [Advertise]( Copyright 2017 The New York Times Company 620 Eighth Avenue New York, NY 10018