Global ransomware attack used info stolen from NSA, says Microsoft

Microsoft says government hoarding of hacking tools is partly to blame for the cyberattacks that crippled computer systems around the world on Friday.

In a blog post aimed to address the "WannaCry" ransomware attack, Microsoft explained that the exploit originated from a list of attacks "hoarded" by the US National Security Agency.

It has reportedly also threatened to release data from banks which use SWIFT, an worldwide money transfer network, and also information from nuclear and missile programs of countries such as Russia, China, Iran and North Korea. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today - nation-state action and organized criminal action.

All banks in the country have been ordered to keep their ATMs closed until the machines are protected from the WannaCry ransomware. On Friday, it reported 16 computer networks were shut down. "It knows how to exploit vulnerabilities in Windows XP, Windows Vista, Windows 7, Window Server 2008 and earlier versions", he added further.

Microsoft Headquarters, Redmond. A patch for the vulnerability was released 2 months ago on March 14th.

Microsoft president and legal officer Brad Smith blamed the NSA's practice of developing hacking methods to use against the U.S. government's own enemies. It is one of the things where you might be trying to cover all your bases, and so it lets you still recover your data and network. However, a glitch in the installer means that the variant propagates, but doesn't install the part of the malware that locks the computer.

"People always try to take the easiest way", Upadhyaya said, adding that it can "take some effort" to apply a patch - the piece of software created to fix a problem.

Ryan Kalember, an executive at Silicon Valley cyber firm Proofpoint, said the bigger issue is that people didn't patch their systems even though a patch was offered - and that Microsoft did not offer a free patch for old, unsupported systems until Saturday, after the ransomware started to spread. There are nearly 150 million computers running Windows XP operation system globally. "WannaCry encrypts core system files and the operating system stops functioning".

Microsoft cut special deals for government users in the first year, but the high costs led many - including the UK's National Health Service - to abandon the special support after one year, leaving them exposed to last week's attack.

Smith said that Microsoft proposed in February a new "Digital Geneva Convention" that would include a new requirement for governments to report software vulnerabilities to vendors, rather than stockpile, sell or exploit them. "They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world", said Microsoft President and Chief Legal Officer Brad Smith.

Latest News