THE recent cyberattack that saw a ransomware called WannaCry cripple institutions throughout the world has thrust the subject of cybersecurity into the spotlight. At the same time, the US National Security Agency (NSA) and tech giant Microsoft have been grappling with the issue of who to blame for the catastrophe.
WannaCry exploited a Windows networking protocol, which allowed the ransomware to spread within networks. The attack shed light on just how many Microsoft users hadn’t updated their software with a patch released a couple of months ago.
However, Microsoft has shifted some of the blame onto the NSA, saying hackers only found the Windows vulnerability because of data the intelligence agency had stockpiled.
Microsoft president Brad Smith wrote in a blog post: “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem … Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.
“The governments of the world should treat this attack as a wake-up call. They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world. We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits,” he said.
Microsoft isn’t the only one pointing fingers at the NSA – China also added its two cents, saying: “Concerted efforts to tackle cyber crimes have been hindered by the actions of the United States.”