Microsoft Comes out Swinging at NSA Over WannaCry Hack Attack – NBCNews.com

A programmer shows a sample of decrypting source code in Taipei, Taiwan, on May 13, 2017. Ritchie B. Tongo / EPA

Related:

"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017," Smith said in a

He likened the situation to what would happen - hypothetically - if the U.S. military had some of its Tomahawk missiles stolen.

"The governments of the world should treat this attack as a wake-up call. They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world. We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits," he said.

Microsoft called for a "Digital Geneva Convention" in February, asking for governments to report vulnerabilities to vendors, rather than stockpiling, selling or even using them.

Jeremiah Grossman, chief of security strategy at SentinelOne, told NBC News this instance may serve as a huge lesson in driving the conversation.

"Effectively, what Microsoft is saying is they don't want any government hoarding zero days because of situations like this," Grossman told NBC News. "We have to protect the nation and have to protect people first, but they had a leak."

Related:

While it looked to Grossman like Smith, of Microsoft, "came out swinging" at the National Security Agency, he said we shouldn't expect to hear anything concrete from the highly secretive group.

"We are not going to get a response unless it is in their best interest, and in this case, I can't imagine a narrative where it is," Grossman said.

Josh Feinblum, vice president of information security at cyber security firm Rapid7, told NBC News the WannaCry debacle speaks to a "broader industry challenge."

"I think that this exploit would have existed whether the NSA had discovered it or not," Feinblum said. "It's easy to want to pass blame, but I think it is a cost of operating in such a highly technological society and we just have to do a better job in figuring out how to get our environment secure."

Original post:
Microsoft Comes out Swinging at NSA Over WannaCry Hack Attack - NBCNews.com

Related Posts

Comments are closed.