Ransomware is malicious software that infects a system, encrypts its files and demands the user pay to regain access to their data – maybe. There’s no guarantee the infection will actually be resolved after payment.
Binney believes the Petya attack was probably rooted in Vault 7, a series of CIA hacking tools recently published by WikiLeaks.
"The NSA has been working on these attacks for two decades now, and they’ve known about some of them for that long," he told Loud and Clear host Brian Becker. "And the problem is, in my view, they’ve been using short-sighted, finite thinking in the whole process, by saying 'let’s keep all these weaknesses secret so that we can read what everyone is saying to one another. We can penetrate their firewalls, operating systems, networks, switches and so on, and be able to get in and see what everybody is doing.'"
It’s not just NSA sloppiness that’s to blame. It’s not too great a stretch to call these cyberattacks something of an NSA scam.
"Once you have all these weaknesses and you don’t fix them, that means nobody has cybersecurity," Binney said. "And they do that just for the sake of being able to read what everybody’s saying. By leaving us vulnerable, we’re all getting attacked, and when we get attacked what they say is, 'We need more cybersecurity and we need more money to protect you,' when in fact they’ve known all along. I call this a basic swindle."
Petya is the second of two major global cyberattacks in as many months, with the first being May’s "WannaCry" attack, which infected 230,000 computers in more than 150 countries, including parts of the UK’s National Health Service and FedEx.
Becker clarified, "So we have a situation where the NSA, who is supposedly protecting us, keeps these vulnerabilities of other companies open, even though the NSA has discovered the flaw. And now what’s happening is these ransomware criminals are basically stealing the program from the NSA."
Becker asked Binney whether it’s possible that the Petya attack wasn’t what it appeared, that instead of a cybercrime, it could be a government testing a new battleground.
Binney replied that it’s "certainly possible" that the attack could be a test run for cyberwarfare.
"If you’re developing cyberwarfare software, you can run it in a lab and test it to see how it works, but you never really know until you bring it out into the network and try it. The attacks we’ve seen could potentially be tests of that."