Microsoft’s chief legal officer is chastising the U.S. government in the wake of the damage caused worldwide by the WannaCry virus, an insidious ransomware that holds hostage the data of its victims.
Those victims include industry and retail locations as well as hospitals, schools and households across the globe, with Europe and Asia being the hardest hit. More than 200,000 computers in at least 150 countries have been hit since Friday, and more could be impacted today as employees return to work.
Microsoft’s Brad Smith is blaming the U.S. National Security Agency for collecting and storing governments’ online weaknesses and then leaving those flaws vulnerable to data theft on its own systems.
“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage,” Smith wrote in a blog post. “The governments of the world should treat this attack as a wake-up call. They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world. We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits.”
WannaCry secretly searches computers for personal files to encrypt, according to the Securelist security blog. Once the files are encrypted, a ransom demand is made. Victims are asked to pay $600 in Bitcoin for the files’ release.
The data theft from the NSA, which was reported in April, was courtesy of a hacking group known as the Shadow Brokers. The theft had minimal impact initially because a month prior, on March 14, Microsoft released a security update to patch the vulnerability. This protected all newer Windows systems that had enabled Windows Update.
Now that hackers have found a new way to target Windows users, Microsoft has released a patch for XP to aid users who are still running the old system, one that the company no longer supports.
“We take every single cyberattack on a Windows system seriously, and we’ve been working around the clock since Friday to help all our customers who have been affected by this incident,” Smith said. “This included a decision to take additional steps to assist users with older systems that are no longer supported. Clearly, responding to this attack and helping those affected needs to be our most immediate priority.”
Microsoft principal security group manager Phillip Misner said the company is “working with customers to provide additional assistance” as needed.
Updates will be posted to the firm’s security blog as the situation evolves.