Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.

Avenue4 LLCRead Message Promoted Post

Home / Blogs

WannaCry: Patching Dilemma from the Other Side

Peixi (Patrick) XU

WannaCry, originated firstly in state projects but spread by other actors, has touched upon myriads of infrastructure such as hospitals, telecommunication, railroads that many countries have labelled as critical. IT engineers are hastily presenting patching codes in various localized versions. The other patch needed, however, is more than technical. It is normative and legislative. The coding of that patch for a situation like this is in two layers of dilemma.

The first dilemma is about the appropriateness and legitimacy of state's exploitation of industrial software vulnerabilities. For the government experts who are writing the norms for responsible state behavior in cyberspace at the UN level, should such exploitation be considered as responsible or reasonable or as damaging cyber stability? There is a general division of ideas about this point among different nations.

Many cyber powers have actually acknowledged and approved the legitimacy of state behavior like that. The fact that they have founded their cyber force implies that message. Many other nations are uncomfortable about the militarization of the cyberspace and choose to condemn any behavior towards such a direction. They either have not fully grasped the complexity of the situation or lack the capability to face the strategic challenges. This division has significantly reduced room for UN GGE talks on norms of state behavior.

The second dilemma is about non-proliferation of the state's cyber weapons. The previous GGE report has recommended that States should seek to prevent the proliferation of malicious ICT tools and techniques and the use of harmful functions.

However, unlike nuclear weapons or missiles, the spread of the malware is much easier and faster, taking a non-conventional route. Compared with the conventional weapons, the cyber ammunition of a state seems to be much more vulnerable to invasion from other actors. An individual Robin Hood could shake the whole system. This has made future talks on disarmament and non-proliferation of cyber weapons harder. The division of opinions on the first dilemma has made it even more difficult to solve the dilemma on non-proliferation.

An interesting phenomenon in the case is that Microsoft is presenting patches both in terms of code and in terms of policy and law by calling for, on earlier occasions this year, a Digital Geneva Convention, a Tech Accord, and an Attribution Council.

By Peixi (Patrick) XU, Associate Professor, Communication University of China
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

To post comments, please login or create an account.

Related

Topics

IP Addressing

Sponsored byAvenue4 LLC

Cybersecurity

Sponsored byVerisign

Mobile Internet

Sponsored byAfilias

DNS Security

Sponsored byAfilias

Promoted Post

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.