Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 7 MINUTES AGO.
You are here: Home / Cybercrime / MS: Government Hoards Hack Tools
Microsoft Criticizes Government Creation of Hacking Tools
Microsoft Criticizes Government Creation of Hacking Tools
By Matt Day Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
MAY
16
2017
Microsoft says government hoarding of hacking tools is partly to blame for the cyberattacks that crippled computer systems around the world on Friday.

The company also reiterated a call it made earlier this year for an international agreement among states to shield civilians and corporate noncombatants from hacking.

In what one of the most significant cyberattacks ever recorded, computer systems from the U.K. to Russia, Brazil and the U.S. were hit beginning Friday by malicious software that exploited a vulnerability in Microsoft's Windows operating system. The hacking tool at work was originally developed by the U.S. National Security Agency, before it leaked online earlier this year.

"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem," Microsoft President and Chief Legal Officer Brad Smith said in a blog post on Sunday, comparing the recent leaks of NSA and CIA hacking tools to, in the real world, the theft of cruise missiles.

Instead of developing hacking tools in secret and holding them for use against adversaries, governments and intelligence agencies should share weaknesses they find with Microsoft and other software makers so that vulnerabilities can be repaired.

Smith repeated a call he made in February, calling for an international convention on the use of cyberwarfare akin to the Geneva Conventions' protections for noncombatants and other guidelines in conventional warfare.

Microsoft had released in March a patch to fix the flaw exploited this week, but many computers, particularly older systems or devices that hadn't been updated, remained vulnerable.

The company on Friday said it had added additional protection against the specific malware, and was working with affected customers. Microsoft also took the unusual step of releasing security fixes for systems it no longer is keeping up to date, including the Windows XP, first released in 2001 and still widely used in some corners.

The attack was a reminder that people and businesses should keep their software up to date, or else remain vulnerable, Smith said.

"The governments of the world should treat this attack as a wake-up call," Smith said. "They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world."

© 2017 Seattle Times under contract with NewsEdge/Acquire Media. All rights reserved.

Image credit: iStock .

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN CYBERCRIME
ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.