Microsoft blames NSA for global cyberattack
Main page News, Tech

Microsoft (NASDAQ: MSFT) has pointed the finger of blame at the US government for the "WannaCry" ransomware attack that has crippled computers all over the world.

The software maker said the vulnerability that hackers used to launch the attacks on Friday was made public after information was stolen from the US National Security Agency (NSA), which scours software for weaknesses and builds tools to exploit them.

Microsoft's Chief Legal Officer brad Smith said the company has"first responsibility" to prevent such attacks but Windows users and the US government are not blame free.

"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem," he said.

"An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen."

China and Australia agree not to use cyber attacks against each other for industrial espionage

Mr Smith said that governments should alert software makers when they identify flaws in their products "rather than stockpile, sell, or exploit them".

There is currently no such requirement.

"Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage," Mr Smith wrote.

Trump says there's no need to punish Russia for cyberattacks on the U.S. election

The NSA did inform Microsoft about the vulnerability three months ago and the tech firm quickly released an update that addressed the issue. However, experts have said the attack would not have been as destructive had the NSA alerted the company earlier.

So far more than 200,000 computers in 150 countries have been affected by the cyberattack, which creates encrypted copies of files and deletes the originals. Users are then asked to pay a ransom of a few hundred dollars in order to access their files again.

Renault said one of its French plants will remain closed today as technicians continue to deal with the aftermath of the cyberattack.


Read also:
Please describe the error