US cyber policy to blame for virus attacks

SHI YU/CHINA DAILY

　　Editor's note: The massive global cyberattack that began on Friday has once again set off alarm bells for global internet security. The virus called "WannaCry" used the EternalBlue developed by the United States' National Security Agency that was stolen by the hackers. What measures should China take for its cyber security? And what should individuals do for self-protection? Two experts share their views with China Daily's Zhang Zhouxiang on the subject:

　　Update operating system on time to escape attack

Yan Hanbing, a researcher in cyber security at the National Computer Network Emergency Response Technical Team/Coordination Center of China

　　WannaCry seems rather destructive but regular computer users can easily escape its attack. The loophole in the Windows operating system, which the ransomware uses to attack computers, was already plugged up by a patch released by Microsoft in March. As long as users update their computers' operating system on time, they will be safe from the attack.

　　Therefore, for individual users, the WannaCry attack should be a lesson never to be forgotten: Update your operating system or your anti-virus software made by registered companies. Virus developers and anti-virus agencies have been racing against each other to develop counter software, and this race will continue.

　　Computer users are also advised to not click on any link from unidentified sources, as WannaCry spreads via e-mails. As soon as a user clicks on the dangerous link, the computer starts to download the virus and gets infected by it. So computer users should not click on any link that's without an identified source.

　　Some argue that the ongoing ransomware attack highlights the necessity of developing our own operating system, which is definitely necessary, but not because of the attack. We need to develop our own operating system because it will be more controllable. Reports in the past have pointed out that Microsoft is known to leave open "backdoors" in its Windows system, which could pose a threat to China's cyber security.

　　But there is no evidence showing a self-developed operating system is safer than Windows. Even those computers running on self-developed operating systems will have to regularly update and install anti-virus software.

　　NSA's failure to manage cyber weapons alarming

Liu Quan, a senior researcher in cyber security at the China Center for Information Industry Development, Ministry of Industry and Information Technology

　　The WannaCry virus attack shows not only the chaos hackers can create, but also how powerful the US is in terms of cyber warfare. WannaCry has been confirmed to be a variant of EternalBlue, a cyber weapon developed by the NSA. And it is only one of the innumerable powerful weapons in the NSA cyber arsenal. To name a few: eternal king, eternal romance, eternal collaboration, emerald fiber, quirky hamster, and EskimoRoll.

　　According to Wikileaks, some of these weapons could infect 70 percent of the world's computers using Windows, which shows the US is rather hegemonic when it comes to computer viruses. Instead of helping internet companies plug the loopholes in the Windows operating system after discovering them, the US developed cyber weapons, which gives it an asymmetric advantage in terms of cyber security.

　　Worse, the NSA has failed to manage these cyber weapons well, as they have been leaked many times causing huge losses to internet users across the globe. That's an act of irresponsibility for which the NSA should be answerable.