Microsoft on Sunday said a software vulnerability stolen from the U.S. National Security Agency has affected customers around the world, and described the spread of the WannaCrypt ransomware on Friday in many countries as yet another example of the problems caused by the stockpiling of vulnerabilities by governments.
Referring to the attack as a “wake-up call,” Microsoft’s President and Chief Legal Officer, Brad Smith wrote in a blog post that governments have "to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits."
在勒索,也被称为WannaCry或瓦纳解密,works by exploiting a vulnerability in some older versions of Windows.It has been suspected for some time now that the malware came from a cache of hacking tools reportedly stolen by hacking group Shadow Brokers from the NSA and leaked on the internet. WannaCry is said to take advantage of a NSA hacking tool, called EternalBlue, that can make it easy to hijack unpatched older Windows machines.
微软现在确认,在上周五袭击中使用的WannaCrypt的功绩,从国家安全局窃取攻击的宝库绘制。“Until this weekend's attack, Microsoft declined to officially confirm this,as US Gov refused to confirm or deny this was their exploit," wrote NSA whistleblower Edward Snowden in a tweet.
On March 14, the company had released a security update to patch the vulnerability. “While this protected newer Windows systems and computers that had enabled Windows Update to apply this latest update, many computers remained unpatched globally,” Smithwrote. “As a result, hospitals, businesses, governments, and computers at homes were affected.”
On Friday a number of agencies and businesses around the globe, including the U.K.’sNational Health Service, were disrupted by the malware, which is estimated to have hit over 100,000 organizations in 150 countries, Rob Wainwright, executive director of Europol, the European law enforcement agency,told ITV.
Microsoftrolled out over the weekend a patchfor Windows XP, Windows Server 2003 and Windows 8, which are operating systems for which it no longer provides mainstream support.
有忧虑的是,攻击的第二波可能周一抵达作为受影响的计算机的员工的回报和开关。攻击者还可以打与恶意软件的变体背面是不具备规定the “kill switch” found by a researcherto stem the first round of attacks. "Version 1 of WannaCrypt was stoppable but version 2.0 will likely remove the flaw. You're only safe if you patch ASAP,"wrote the researcher on Twitter.
微软在二月呼吁“Digital Geneva Convention”laying down the rules for the protection of users from state cyber attacks, including a requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them. “We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world,” Smith wrote.
Exploits in the hands of governments have repeatedly leaked into the public domain and caused widespread damage, wrote Smith, who compared the leaks of CIA and NSA vulnerabilities to the U.S. military having some of its Tomahawk missiles stolen. “This most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action,” he added.