Security & Fraud

NSA Alerts Microsoft To Windows Security Flaw

nsa-microsoft-windows

In a move designed for public reassurance and transparency, the National Security Agency (NSA) will now be more forthright, sharing cybersecurity attacks with companies rather than discreetly analyzing them in secret for the agency’s internal use. On Tuesday, The New York Times reported that the agency alerted Microsoft to a vulnerability in its Windows operating system.

Previously, the NSA would collate various information technology vulnerabilities and then utilize that knowledge to learn more about U.S. adversaries, sometimes even designing and initiating hacks themselves.

That secret strategy has backfired in recent years, however, when some of this research was found and exploited by cybercriminals and other U.S. enemies, among them North Korea.

The NSA has now adopted a more contrite and open approach within the cybersecurity community.

“We wanted to take a new approach to sharing and also really work to build trust with the cybersecurity community,” Anne Neuberger, the agency’s cybersecurity director, told reporters.

In the past, the NSA privately shared concerns and weaknesses to Microsoft as well as other technology companies. But these firms could never openly acknowledge the NSA’s assistance. That approach has been modified.

“Ensuring vulnerabilities can be mitigated is an absolute priority,” Ms. Neuberger said.

Industry analysts and other experts praised the move, but several noted its spirit and intent ran counter to the Justice Department’s recent confrontation with Apple, when that government agency ordered the company to break encryption on their phones.

The long-term results from the NSA’s policy shift remain to be seen. Future vulnerabilities analyzed by the NSA could subsequently be used to benefit global users rather than to become weaponized.

Russia, China, and Iran will remain ongoing security concerns, regardless.

As PYMYNTS recently reported, Iranian cyber agents have attacked U.S. companies, universities, industrial systems and financial institutions. They have called out journalists as a direct target, plus President Donald Trump and other government officials. The United States has attacked online the nuclear capabilities and computer systems within Iranian infrastructure.

——————————

WATCH LIVE: HOW WE SHOP – TUESDAY, NOVEMBER 10, 2020 – 12:00 PM (ET)

New forms of alternative credit and point-of-sale (POS) lending options like ‘buy now, pay later’ (BNPL) leverage the growing influence of payments choice on customer loyalty. Nearly 60 percent of consumers say such digital options now influence where and how they shop—especially touchless payments and robust, well-crafted ecommerce checkouts—so, merchants have a clear mandate: understand what has changed and adjust accordingly. Join PYMNTS CEO Karen Webster together with PayPal’s Greg Lisiewski, BigCommerce’s Mark Rosales, and Adore Me’s Camille Kress as they spotlight key findings from the new PYMNTS-PayPal study, “How We Shop” and map out faster, better pathways to a stronger recovery.

TRENDING RIGHT NOW