On Sunday, Microsoft’s chief counsel, Brad Smith, wrote on the company’s blog that the NSA’s hoarding of software vulnerabilities, and then having them stolen was similar to having some Tomahawk missiles stolen. Both scenarios can cause chaos and untold damage.
Today the world is living through the consequences of the NSA’s best security tools getting offered up free to the world’s hackers on WikiLeaks.
Around the world systems are being taken over by malicious software known as “ransomware,” created by criminals who force users to pay in order to regain control of their systems.
Smith gives a brief rundown of the situation:
Early Friday morning the world experienced the year’s latest cyberattack.
Starting first in the United Kingdom and Spain, the malicious “WannaCrypt” software quickly spread globally, blocking customers from their data unless they paid a ransom using Bitcoin. The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency, or NSA, in the United States. That theft was publicly reported earlier this year. A month prior, on March 14, Microsoft had released a security update to patch this vulnerability and protect our customers. While this protected newer Windows systems and computers that had enabled Windows Update to apply this latest update, many computers remained unpatched globally. As a result, hospitals, businesses, governments, and computers at homes were affected.
All of this provides the broadest example yet of so-called “ransomware,” which is only one type of cyberattack. Unfortunately, consumers and business leaders have become familiar with terms like “zero day” and “phishing” that are part of the broad array of tools used to attack individuals and infrastructure. We take every single cyberattack on a Windows system seriously, and we’ve been working around the clock since Friday to help all our customers who have been affected by this incident. This included a decision to take additional steps to assist users with older systems that are no longer supported. Clearly, responding to this attack and helping those affected needs to be our most immediate priority.
Read more here.