Microsoft Blames Spy Agencies for Ransomware Disaster

The National Security Agency (NSA) campus
Semansky/AP/REX/Shutterstock

Microsoft didn’t hold back in a response to this weekend’s massive ransomware attack, which by latest estimates has infected and knocked out more than 200,000 computers worldwide. The software giant squarely but the blame on spy agencies for such incidents in a blog post published by Microsoft President and Chief Legal Officer Brad Smith Sunday. “The governments of the world should treat this attack as a wake-up call,” Smith wrote.

Microsoft is blaming the NSA in particular, because the exploit used for the attack was first discovered by a paid contractor of the spy agency, and afterwards kept secret to be used for future surveillance. The NSA stockpiled a number of such cyber weapons, only to see hackers steal them and leak them online this year.

“We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits,” Smith wrote. “This most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.”

“This is one reason we called in February for a new ‘Digital Geneva Convention’ to govern these issues, including a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them,” he continued. “We should take from this recent attack a renewed determination for more urgent collective action. We need the tech sector, customers, and governments to work together to protect against cybersecurity attacks.”

Microsoft released a patch for the vulnerability exploited in this weekend’s ransomware attack last month after it surfaced on Wikileaks.

However, many users didn’t immediately update their computers. Hardest hit have been users of old and outdated operating systems, which in many cases included specialized applications. This led to massive outages at U.K. healthcare providers, and Twitter users posted photos of hacked public transit signage.

Security researchers were able to stop the flow of new infections this weekend after discovering a kind of kill switch, but there are concerns that new versions could flare up again this week. For its part, Microsoft said that its 3500 security engineers have been working hard to put an end to this specific attack. As part of this, Microsoft also issued patches for older versions of Windows that it hasn’t officially been supporting anymore.

Filed Under:

Want to read more articles like this one? SUBSCRIBE TO VARIETY TODAY.
Post A Comment 0

Leave a Reply

No Comments

Comments are moderated. They may be edited for clarity and reprinting in whole or in part in Variety publications.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

More Digital News from Variety

Loading