Published: Tue, May 16, 2017
Medicine | By Earnest Bishop

Microsoft condemns NSA weaponization of malware after WannaCry attacks


Brad Smith, the technology firm's president and chief legal officer, criticised USA intelligence agencies the CIA and the National Security Agency (NSA) for "stockpiling" software code which could be exploited by hackers.

The computing giant said software vulnerabilities hoarded by governments had caused "widespread damage", the BBC reported.

"The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency, or NSA, in the United States", Mr. Smith wrote.

Milford suggested the timing of the attack - a Friday in the middle of graduation season - may be one of the reasons why colleges in the US have seen fewer incidents of WannaCry than other sectors and parts of the world. So far, not many people have paid the ransom demanded by the malware, Europol spokesman Jan Op Gen Oorth told The Associated Press.

Universities and other educational institutions in China were among the hardest hit, possibly because schools tend to have old computers and are slow to update operating systems and security, Internet strategy think tank ChinaLabs founder Fang Xingdong (方興東) said.

Although Microsoft patched the vulnerability in March, the ransomware preys on older systems, like those at National Health Service hospitals in England, which heavily rely on Windows XP.

U.S. package delivery giant FedEx, Spanish telecoms giant Telefonica and Germany's Deutsche Bahn rail network were among those hit in the attacks, which demanded money to allow users to unblock their computers.

There had been no incidents of ransomware infection involving government agencies, including the Taipei City government and the Ministry of Finance.

Carmaker Renault said one of its French plants, which employs 3,500 people, wasn't reopening Monday as a "preventative step".

MDH: Measles Spreads To Another County; Reaches 58 Total Cases
However, state health officials are urging schools to encourage parents to get the necessary vaccinations for their children. Officials also surmised that this infection spread during an extended family gathering of some kind within the state.

Today was expected to be a busy day, especially in Asia which may not have seen the worst of the impact yet, as companies and organisations turned on their computers.

Ransomware is a type of malicious software that takes over a computer and locks the user out, preventing them from accessing any files until they pay money.

Bitcoin, the world's most-used virtual currency, allows anonymous transactions via heavily encrypted codes.

But Milford, like MalwareTech, warned that the attack could resurface, like a virus that mutates to resist a treatment.

Security agencies are hunting for those behind a crippling cyber attack which has so far hit hundreds of thousands of computers worldwide, including at government agencies, factories and health services. "There is this stream of liability that flows from the ransomware attack", he said.

Anti-virus experts Symantec said the majority of organisations affected were in Europe.

"Expect to hear a lot more when users are back in their offices and might fall for phishing e-mails" or other as yet unconfirmed ways the worm may propagate, said Christian Karam, a Singapore-based security researcher.

"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem", he said.

Like this: