- The internet is mocking Robert Mueller’s report deadline Friday 7:53 PM
- Instagram blocks some anti-vax hashtags—but still has far to go Friday 6:20 PM
- Study: Netflix released more originals than licensed titles last year Friday 2:26 PM
- Laura Ingraham, Dinesh D’Souza slam journalist for having a job Friday 1:40 PM
- Netflix is testing a cheap-as-hell mobile-only plan Friday 1:08 PM
- Astrology app Co-Star’s bizarre push notifications are now a meme Friday 12:18 PM
- ‘The Dirt’ offers a sanitized history of Mötley Crüe—but why? Friday 11:42 AM
- ‘The Dirt’ director Jeff Tremaine on Mötley Crüe’s long, difficult road to Netflix Friday 11:30 AM
- Here’s video of yet another alleged gunman looking for YouTuber Adam22 Friday 11:09 AM
- 12 mugs that are absolutely purr-fect for cat enthusiasts Friday 10:58 AM
- Jared Kushner used WhatsApp for official White House business Friday 10:50 AM
- Unsettled Tom memes are on the rise Friday 10:36 AM
- Trans student nominated for prom king told by administration to run for queen Friday 10:07 AM
- Trump turns on his favorite cable news network Friday 8:56 AM
- Skillshare is offering new users one month of premium for less than $1 Friday 8:34 AM
Microsoft condemns NSA weaponization of malware after WannaCry attacks
Microsoft’s Brad Smith likened the scenario to the ‘U.S. military having some of its Tomahawk missiles stolen.’
Microsoft confirmed in a blog published on Sunday that the devastating ransomware that infected around 200,000 computers across 150 countries late last week was “drawn from the exploits stolen from the National Security Agency, or NSA, in the United States.”
The aggressive malware, dubbed WannaCrypt, utilized a previously reported vulnerability found within the Windows operating system produced by Microsoft.
The ransomware had been leaked by a hacker group called Shadow Brokers in 2016 and although a patch was already available for the exploit, many systems had not been updated and were left crippled as the virus rolled out. In the U.K., the National Health Service’s systems across 48 localized trusts fell victim, for example, seriously impacting patient care.
Responding to the incident, the company’s president and chief legal officer, Brad Smith, criticized the U.S. government’s weaponizing of computer vulnerabilities, the leak of which enabled this attack, and the dangers of not informing tech companies about them.
— Edward Snowden (@Snowden) May 14, 2017
“This most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today—nation-state action and organized criminal action,” he wrote.
“Governments of the world should treat this attack as a wake-up call. … They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world,” Smith continued, adding: “We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits.”
Smith then likened the severity of the scenario to the “U.S. military having some of its Tomahawk missiles stolen.” He called, once again, for a Digital Geneva Convention that would require governments to “report vulnerabilities to vendors, rather than stockpile, sell, or exploit them.”
Aside from taking a position on the wider consequence and implication of what will become a notorious cyberattack, Smith also took the time to underline Microsoft’s commitment to resolving the situation—beginning with a dedicated force of 3,500 security engineers currently working to help customers around the world recover their systems.
This is the thing. This approach by the NSA – and by GCHQ – makes us *all* less secure. It’s not privacy v security at all. We lose both. https://t.co/Xiq8zRDbF3
— Paul Bernal (@PaulbernalUK) May 15, 2017
David Gilmour is a reporter who specializes in national politics, internet culture, and technology. He previously covered civil liberties, crime, and politics for Vice.