WannaCry: Microsoft criticized U.S. intelligence

Microsoft counsel Brad Smith has has criticized U.S. intelligence and them a substantial blame at the Ransomware attack WannaCrypt or WannaCry accused of affect the now worldwide over 200,000 Windows PCs. He called again for a digital Geneva Convention and called for joint action. Government authorities should not be allowed to store security holes and exploit them. At the same time, he promised that Microsoft will support customers regardless of their nationality and to defend when they are exposed to cyber attacks.

 Ransomware (image: Shutterstock)

“This is one reason why we called in February for a ‘digital Geneva Convention’ should deal with these problems,” writes Microsoft’s President and Chief Legal Officer in a blog . “This should include the obligation for Governments, to report vulnerabilities the software vendors, rather than to keep them in stock, for sale or use. “And that’s why we have our support for each customer in the face everywhere secured from cyber attacks, regardless of their nationality.” This principle will be in London, New York, Moscow. Delhi, Sao Paulo or Beijing implemented as well.

exceptionally whistle blower Edward Snowden Microsoft’s official confirmation that the NSA for the exploit was responsible, which hindered the operation of British hospitals now finds. The British civil rights organisation open rights group see also the British Intelligence Agency GCHQ responsibility in addition to the NSA. The Snowden documents be has long been known that share these two closely related intelligence vulnerabilities and exploits. With their decision to keep secret rather than to help her fix the vulnerability used for WannaCry, they would have enables the extortionate Ransomware numerous hospitals in the United Kingdom to the victims fell.

who demanded WannaCry epidemic, in which cybercriminals computer encrypted and ransom for the release, NSA of developed exploit was made possible by one of the U.S. foreign intelligence. He was released with other Windows hacking tools NSA by the hacker group of shadow broker. That most exploits were directed against older versions of Windows as Windows XP and Server 2003 however cease to exist confirmed that authenticity – a danger for users should Microsoft, since the underlying vulnerabilities with “previous updates for our supported products” have been eliminated. Some of the vulnerabilities remained but ungepatcht, because they concerned only the Windows version, for which the company more offered no support – such as the more widespread Windows XP. Only after the outbreak of the WannaCry epidemic was this weekend security updates for the security hole it exploited also for actually no longer supported operating systems Windows XP, Microsoft Windows 8 and Windows Server 2003 for free.

“The WannaCrypt exploits that were used in this attack, were Security Agency (NSA) in the stolen United States exploits of the of the national”, noted Microsoft Manager Brad Smith now. He referred on supplied by Microsoft security updates protected newer Windows systems, but “many computers worldwide remained ungepatcht. As a result of hospitals, companies, Governments, and private computer affected.”

comes through the Ransomware WannyCry now but also Microsoft in the criticism. ZDNet.com author accuses Microsoft Stilgherrian to make it too easy for his blaming the intelligence agencies on the one hand and patchunwillige users. He points to examples of how expensive medical technology and specialized software, which Nutzer rely on older versions of Windows.

support for the Windows XP probably predominantly affected by WannaCry there by Microsoft only in special cases and often prohibitive prices. “Microsoft would have to deliver clearly the critical update in March to all its users, not only to those who paid extra”, commented the New York Times . “Actually ‘Extra fee to us or we hold back critical security updates’ could be seen as its own form of ransomware.”

WEBINAR

what next – BB´s storage & co: the enterprise cloud!

get to know the building blocks of enterprise cloud platform in this audio Webinar. Learn how to achieve maximum freedom and flexibility for your applications. More outcome achieved with less input – specific application examples. [Update: the webinar has already occurred.] Register now and look at the record.

Be the first to comment

Leave a Reply