Thursday, September 23, 2021

Microsoft urges governments to treat cyberattack as wake-up call

New York, USA, May 14 (EFE).- Microsoft on Sunday urged governments worldwide to treat the recent ransomware global cyberattack, which has affected over 200,000 computers in at least 150 countries since May 12, as a “wake-up call” on the accumulation of vulnerabilities.

Microsoft President and Chief Legal Officer Brad Smith warned on the tech company’s official blog that the stockpiling of computer vulnerabilities by governments has become an emerging problem that causes widespread damages when information leaks out.

“We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.” Smith said, referring to the origin of the malicious software WannaCry, which has used a Microsoft Windows exploit to attack computers.

According to the tech giant, the recent cyberattack represents an “unintended but disconcerting link between the two most serious forms of cyber security threats in the world today – nation-state action and organized criminal action.”

Smith compared the cyberattack to the scenario in which the US military have some of its Tomahawk missile arsenal stolen and demanded that governments apply the same rules and responses as they deal with “weapons in the physical world.”

The Microsoft president recalled that last February the tech company called for a “Digital Geneva Convention” to cope with cyberattacks, including a new requirement for governments “to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them.”

Smith also urged a collective action of the tech sector, customers and governments to generate greater protection against cyber attacks.

Smith also addressed Microsoft’s responsibility in regards to the “wake-up call”, which has exploited vulnerabilities in the Windows operating system stolen from the NSA.

He pointed out that Microsoft, with over 3,500 security computer engineers in its workforce, is among the first responders to attacks on the internet, by constant updates of its software platform, the Microsoft Threat Intelligence Center (MSTIC) and its Digital Crimes Unit.

“We’ve been working around the clock since Friday to help all our customers who have been affected by this incident.” assured the president, who also revealed additional steps taken by Microsoft to assist its users with older Microsoft systems.

However, the tech giant president noted that the fact that so many computers still remained vulnerable two months after a patch was released illustrates that “as cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems.”

The ransomware WannaCry, which requests a payment in the Bitcoin digital currency to regain access to computers, has hit computers of the National Health Service in the UK, large companies in France and Spain, the largest rail network in Germany, government offices in Russia and universities in China and Taiwan, amongst others.

A computer expert from the UK, known only under his pseudonym “MalwareTech,” managed to slow down the cyberattack several hours after started to wreak havoc on May 12, but warned that new versions of the malware might spread.