>that only a domain expert with highly specialized experience
Correct me if I'm wrong, but WannaCry isn't highly sophisticated. It weaponizes already known vulnerabilities to exploit soft targets on a large, but unsophisticated scale (because most of the victims are soft targets in terms of computer/network security). Ransomware is not a new idea either. Combining these things (known exploits, soft targets, ransomware) doesn't require genius or _highly_ specialized domain knowledge, hard to acquire intelligence or huge amounts of resources (labor or money). Any state capable of consistently spending a couple million dollars per year on a team for offensive security operations could, I suppose, pull this off.
>KeePassX is an amazing password manager, but hasn't seen much active development for quite a while. Many good pull requests were never merged and the original project is missing some features which users can expect from a modern password manager. Hence, we decided to fork KeePassX to continue its development and provide you with everything you love about KeePassX plus many new features and bugfixes.
Correct me if I'm wrong, but WannaCry isn't highly sophisticated. It weaponizes already known vulnerabilities to exploit soft targets on a large, but unsophisticated scale (because most of the victims are soft targets in terms of computer/network security). Ransomware is not a new idea either. Combining these things (known exploits, soft targets, ransomware) doesn't require genius or _highly_ specialized domain knowledge, hard to acquire intelligence or huge amounts of resources (labor or money). Any state capable of consistently spending a couple million dollars per year on a team for offensive security operations could, I suppose, pull this off.