Tajuk : Microsoft publicly attacked the US government for ‘stockpiling’ exploits after a massive global cyberattack
link : Microsoft publicly attacked the US government for ‘stockpiling’ exploits after a massive global cyberattack
Microsoft publicly attacked the US government for ‘stockpiling’ exploits after a massive global cyberattack
Reuters
LONDON — Microsoft has criticised the US government in the aftermath of a massive ransomware cyberattack that hit computers around the globe on Friday, after it emerged that the malware made use of a software exploited developed by the NSA (National Security Agency).
Microsoft president and chief legal officer Brad Smith wrote a strong-worded statement that read in part: “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem … Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.”
The NSA — like other spy agencies — works to secretly develop “zero day” exploits that the software’s developers aren’t aware of, letting them break into targets’ computers when required. But critics argue that this “stockpiling” of vulnerabilities makes ordinary people less safe, as they can leak and fall into the wrong hands.
This is exactly what happened with the ransomware attack. The WannaCry ransomware software itself — which encrypts the victim’s data and demands a bitcoin ransom to unlock it again — was fairly ordinary. But it was paired with the “EternalBlue” exploit that was developed by the NSA and leaked online earlier this year by hacking group called Shadow Brokers, and it spread across the globe.
Organisations in more than 100 countries were affected, including Britain’s National Health Service (NHS), Spanish telecoms giant Telefónica, and logistics firm FedEx. Microsoft had already patched the exploit at the time of the attack — but because many organisations hadn’t updated their software, they were still vulnerable.
Stephen Brashear/Getty Images
Microsoft’s Brad Smith.
In short: A US government cyberweapon was repurposed by criminals to wreck havoc in hospitals and telecoms firms around the world.
“An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen,” Smith wrote. “And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.”
The Microsoft exec said that “governments of the world should treat this attack as a wake-up call.”
He once again called for a “Digital Geneva Convention” that will regulate how software vulnerabilities and cyberweapons are handled globally, and that would force governments to disclose vulnerabilities in a responsible manner.
He wrote: “They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world. We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits. This is one reason we called in February for a new ‘Digital Geneva Convention‘ to govern these issues, including a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them.”
Security expert Graham Cluley summarised Brad Smith’s argument on Twitter as: “Microsoft is royally f—ed off with the NSA.”
Exiled NSA whistleblower Edward Snowden hailed the statement as “extraordinary.”
Get the latest Microsoft stock price here.
Read more stories on Business Insider, Malaysian edition of the world’s fastest-growing business and technology news website.
✍ Sumber Pautan : ☕ Business InsiderBusiness Insider
Kredit kepada pemilik laman asal dan sekira berminat untuk meneruskan bacaan sila klik link atau copy paste ke web server : http://ift.tt/2pO37Mh
(✿◠‿◠)✌ Mukah Pages : Pautan Viral Media Sensasi Tanpa Henti. Memuat-naik beraneka jenis artikel menarik setiap detik tanpa henti dari pelbagai sumber. Selamat membaca dan jangan lupa untuk 👍 Like & 💕 Share di media sosial anda!
Reuters
LONDON — Microsoft has criticised the US government in the aftermath of a massive ransomware cyberattack that hit computers around the globe on Friday, after it emerged that the malware made use of a software exploited developed by the NSA (National Security Agency).
Microsoft president and chief legal officer Brad Smith wrote a strong-worded statement that read in part: “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem … Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.”
The NSA — like other spy agencies — works to secretly develop “zero day” exploits that the software’s developers aren’t aware of, letting them break into targets’ computers when required. But critics argue that this “stockpiling” of vulnerabilities makes ordinary people less safe, as they can leak and fall into the wrong hands.
This is exactly what happened with the ransomware attack. The WannaCry ransomware software itself — which encrypts the victim’s data and demands a bitcoin ransom to unlock it again — was fairly ordinary. But it was paired with the “EternalBlue” exploit that was developed by the NSA and leaked online earlier this year by hacking group called Shadow Brokers, and it spread across the globe.
Organisations in more than 100 countries were affected, including Britain’s National Health Service (NHS), Spanish telecoms giant Telefónica, and logistics firm FedEx. Microsoft had already patched the exploit at the time of the attack — but because many organisations hadn’t updated their software, they were still vulnerable.
Stephen Brashear/Getty Images
Microsoft’s Brad Smith.
In short: A US government cyberweapon was repurposed by criminals to wreck havoc in hospitals and telecoms firms around the world.
“An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen,” Smith wrote. “And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.”
The Microsoft exec said that “governments of the world should treat this attack as a wake-up
He once again called for a “Digital Geneva Convention” that will regulate how software vulnerabilities and cyberweapons are handled globally, and that would force governments to disclose vulnerabilities in a responsible manner.
He wrote: “They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world. We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits. This is one reason we called in February for a new ‘Digital Geneva Convention‘ to govern these issues, including a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them.”
Security expert Graham Cluley summarised Brad Smith’s argument on Twitter as: “Microsoft is royally f—ed off with the NSA.”
Exiled NSA whistleblower Edward Snowden hailed the statement as “extraordinary.”
Get the latest Microsoft stock price here.
Read more stories on Business Insider, Malaysian edition of the world’s fastest-growing business and technology news website.
✍ Sumber Pautan : ☕ Business InsiderBusiness Insider
Kredit kepada pemilik laman asal dan sekira berminat untuk meneruskan bacaan sila klik link atau copy paste ke web server : http://ift.tt/2pO37Mh
(✿◠‿◠)✌ Mukah Pages : Pautan Viral Media Sensasi Tanpa Henti. Memuat-naik beraneka jenis artikel menarik setiap detik tanpa henti dari pelbagai sumber. Selamat membaca dan jangan lupa untuk 👍 Like & 💕 Share di media sosial anda!
dengan itu Perkara Microsoft publicly attacked the US government for ‘stockpiling’ exploits after a massive global cyberattack
Kini anda membaca artikel Microsoft publicly attacked the US government for ‘stockpiling’ exploits after a massive global cyberattack dengan alamat pautan https://timesnewmalaysia.blogspot.com/2017/05/microsoft-publicly-attacked-us.html
Related Posts :
Malam Pertama Tiba2 Dipaksa Pakai Purdah. “Weh Babi Sial, Apa Nama Doc TU” Tak Sangka Ini Rupanya Perangai SUAMI Sampai Buat Sy Neroyan !!!
[VIDEO] Kantoi! Isteri dan Kekasih Melawat Serentak di Hospital- Ustazah Cantik Bak Model Dari Malaysia Viral Sampai Ke Indonesia (13 Gambar Terkini)
- Kawan Sekerja Cakap Nak Tolong Hantar Balik Rumah Rupa-Rupanya Aku Dibawa Ke..
- “Awak Pernah Tidur Dengan Mana-Mana lelaki?” Saya Tak Boleh Jawab Sebab Itu Aib Saya
0 Response to "Microsoft publicly attacked the US government for ‘stockpiling’ exploits after a massive global cyberattack"
Catat Ulasan