WannaCry ransomware, which caused havoc in the summer of 2017, is a computer virus that infected and spread across 150 countries. According to Forbes, it affected the systems of 48 UK National Health Services centers, FedEx, Telefonica, Renault and Nissan plants, American universities, Russian government systems, and even Chinese ATMs.
The ransomware infects a Windows computer and encrypts its files on the hard drive. It then demands a ransom amount, and only after the payment of said amount will the user be able to gain access to his/her computer.
The cyber catastrophe is certainly a priority and, naturally, folks want to get to the bottom of the whole situation. Unfortunately, it has also led to a serious blame game.
It was found that Eternal Blue, an exploit for Microsoft software developed by the National Security Agency (NSA), was leaked by a hacker group, Shadow Brokers, and was also one of the tools used to quickly spread WannaCry ransomware throughout the world.
Eternal Blue takes advantage of a vulnerability in Microsoft’s system and directly attacks its Server Message Block (SMB). This defect allows attackers to take control of the system and, in this case, even lock it, with the demand for ransom money.
As a result, Microsoft has criticized and accused the government and its agencies of keeping this exploit a secret and even hoarding it in the first place. Microsoft President and Chief Legal Officer Brad Smith said:
“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem…The governments of the world should treat this attack as a wake-up call.”
As vendors and customers are often in the dark about these exploits and weaknesses, they are unable to secure themselves from a possible attack by hackers.
Smith even likened the leak of these weaknesses to the robbery of missiles from the military, highlighting the gravity of the situation. Smith wrote in his blog that:
“An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today — nation-state action and organized criminal action.”
He attacked the government, stating that it is time the government took action and treated cyberspace breaches the same way it would a breach in the physical world. Damage to civilian lives through cyberattacks is significant and the government needs to take responsibility.
Microsoft has also called for the establishment of a Digital Geneva Convention to protect users and vendors from such cyberattacks by requiring governments to report such vulnerabilities and exploits instead of simply hoarding them, or worse, exploiting or selling them.
Smith wants the Digital Convention to be modeled after the Geneva Convention on the rules to govern war and protect civilians.
For its part, Microsoft has developed a patch for the ransomware and even released fixes for its previous, very old operating systems, some of which are no longer covered by support. These old operating systems even included Windows XP and Windows Server 2003.
In contrast, Brian Lord, Managing Director of PGI Cyber and former deputy director of one of the UK’s intelligence agencies, has stated:
“For Microsoft to say that governments should stop developing exploits to Microsoft products is naive… To keep the world safe, these things have to be done.”
The comment is based on government agencies' use of such exploits to attack the computers of an enemy, or even of terrorists, who generally use Microsoft operating systems.