[anti-abuse-wg] [cooperation-wg] WannaCry Ransomware

The main route of attack is by SPAM.

Why is noone doing something effective against SPAM ?




On Monday 15 May 2017 13.59, Gordon Lennox wrote:
> Thanks Richard for distributing this.
> 
> However I am sure everybody else on this list had already checked their favourite sources of information well before this was sent out. Europol has to be much faster.
> 
> “a critical exploit in a popular communication protocol used by Windows systems”? OK again people here know what was going on: it was not the protocol but the implementation. If Europol is going to address the wider public then they have to use simpler, cleaner language.
> 
> Anyway what Europol omits to even hint at is that this bit of poor programming from Microsoft was known to certain government agencies from way back. And they tried to kept secret so they could use it themselves?
> 
> We need a better discussion about this. Access providers are being asked to carry out user surveillance / logging on behalf of LEAs. Meanwhile the IETF is encouraging encryption while government ministers are trying to discourage encryption. Meanwhile governments know where common systems are vulnerable and yet neither tell the public nor protect the public.
> 
> Gordon
> 
> 
> > On 15 May 2017, at 07:57, Richard Leaning <rleaning at ripe.net> wrote:
> > 
> > Dear Colleagues,
> > 
> > The European cybercrime centre at Europol have asked us to circulate the below. I hope you find it useful and please forward it on to anyone who you may think will benefit from it.
> > 
> > Kind regards
> > 
> > Richard Leaning
> > External Relations
> > RIPE NCC
> > 
> > 
> > ///snip
> 
> 
> 
> 

-- 
        Peter Håkanson   

        There's never money to do it right, but always money to do it
        again ... and again ... and again ... and again.
        ( Det är billigare att göra rätt. Det är dyrt att laga fel. )