Microsoft: Attack should be wake-up call for govts

Microsoft pinned blame on the US government for not disclosing software vulnerabilities after officials across the globe scrambled to catch the culprits behind a massive ransomware worm.
The Microsoft office in Massachusetts, US, on May 15, 2017.
 PHOTO: REUTERS
Updated
May 16, 2017, 01:33 PM
Published
May 16, 2017, 05:00 AM

WASHINGTON • Microsoft warned governments against storing computer vulnerabilities such as the leaked one at the heart of the cyber attack that has crippled computers in more than 150 countries.

"The governments of the world should treat this attack as a wake- up call," Microsoft's president and chief legal officer, Mr Brad Smith, wrote in a blog post about what is being called the largest ransomware attack.

He warned of the danger of exploits developed by governments - this time, the National Security Agency (NSA) in the United States - falling into the hands of hackers and causing widespread damage, as is the case with the current attack which has crippled more than 200,000 computers worldwide.

"An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen," Mr Smith wrote.

Computers around the globe were hacked beginning last Friday using a security flaw in Microsoft's Windows XP operating system, an older version that was no longer given mainstream technical support by the US computing giant.

The virus spread quickly because the culprits used a digital code believed to have been developed by the NSA and subsequently leaked as part of a document dump, according to the Moscow-based computer security firm Kaspersky Lab.

Mr Smith argued that in cyberspace, governments should apply rules such as those regarding weapons in the physical world.

He noted that Microsoft is calling for a "Digital Geneva Convention" that would require governments to report computer vulnerabilities to vendors rather than store, sell or exploit them. "We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits," he wrote.

AGENCE FRANCE-PRESSE

Related Stories
US, Britain blame Russia for 'NotPetya' ransomware attack
Most Maersk operations running after global cyberattack
Mystery of motive for a ransomware attack: Money, mayhem or a message?
A ransom message popping up on a monitor of a payment terminal at a branch of Ukraine's state-owned bank Oschadbank after institutions were hit by a wave of cyber attacks yesterday. The new virus, which is spreading to many countries, has a fake Micr
New cyber attack spreads across Europe
Nato chief says cyber attacks could potentially trigger mutual defence commitment
Comparing NotPetya and WannaCry and tips on how to stay safe from ransomware
Singapore critical sectors, government not affected by NotPetya ransomware
Cyberattack reaches Asia and Australia as new targets hit by ransomware demand
China issues warning for new ransomware virus
Another large-scale cyber attack underway: Experts
Greater global cooperation required to fight cyber crime: China Daily
Hackers mint crypto-currency with technique similar to WannaCry 'ransomware' attack

Join ST's Telegram channel and get the latest breaking news delivered to you.

A version of this article appeared in the print edition of The Straits Times on May 16, 2017, with the headline Microsoft: Attack should be wake-up call for govts. Subscribe

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top