Microsoft criticizes government creation of hacking tools used in global cyber-attack

Elizabeth Williams
May 22, 2017

According to reports Automated Teller Machines (ATMs) are highly vulnerable to such malware attacks as they presently run on old version of Microsoft's Windows operating system, making a software security patch update a necessary exercise. From tax forms to planning documents, make it part of your routine to back up files often on your computers and mobile devices.

Microsoft has fired criticism at the U.S. government for its part in Friday's massive cyberattack that hit more than 100 countries and affected more than 100,000 organisations including the UK's National Health Service (NHS), telecoms giant Telefonica, auto manufacturers Nissan and Renault, and courier delivery service FedEx.

The WannaCry ransomware appears to only attack unpatched computers running Windows 10.

So far, one of the worst cyberattacks in recent memory has hit computers in 150 countries, Europol said, with WannaCry encrypting files and demanding ransom from victims. The technology behind WannaCry was actually developed by the National Security Agency in the USA, then stolen by hackers using the moniker Shadow Crew.

A Microsoft executive said Sunday that the massive global ransomeware attack - a cyber attack wherein an operating system is locked until a ransom is paid -shows why governments should share vulnerabilities with technology companies rather than hoarding them for potential exploits. This is an emerging pattern in 2017.

Smith argued that in cyberspace, governments should apply rules like those regarding weapons in the physical world.

But as Asia woke up to the working week on Monday, leading Chinese security-software provider Qihoo 360 said "hundreds of thousands" of computers in the country were hit at almost 30,000 institutions including government agencies. So even people with older computers should go update them.

On Friday, a security researcher inadvertently created a "kill switch" to help stop the spread of this ransomware. WikiLeaks' release of CIA hacking tools in March and the stealing of a Microsoft Windows vulnerability from the National Security Agency last month has caused alarm in many security circles. "An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen". He says while it may be time consuming, update your software when it says it has an update.

"As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems", Smith wrote. Because numerous computers impacted run older Windows systems like XP, Microsoft issued a rare patch for XP, which it had stopped updating more than three years ago.

Security firm Digital Shadows said on Sunday that transactions totalling $32,000 had taken place through Bitcoin addresses used by the ransomware.

"We have issued an advisory as well as a link of Windows patches that were released recently".

Organizations are scrambling to apply the latest security patch to their computers to prevent the spread of the attack.

Other reports by VgToday

Discuss This Article

FOLLOW OUR NEWSPAPER