The ‘ransomware’ cyberattack that has hit as many as 200,000 victims in over 150 countries should be treated by governments around the world as a “wake- up call”, IT giant Microsoft has said.
The virus exploits a flaw in a version of Microsoft Windows first identified by US intelligence. The attacks exploited the computers because they were running outdated versions of Microsoft’s Windows operating system.
The National Security Agency (NSA) alerted Microsoft about the issue three months ago and Microsoft released an upgrade that patched the flaw, but many users were yet to run it, CNN reported.
Brad Smith, Microsoft’s president and chief legal officer, said yesterday in a blog post that his company, its customers and the government all share the blame, the report said.
“The governments of the world should treat this attack as a wake-up call,” Smith wrote while also noting how “cybersecurity has become a shared responsibility between tech companies and customers.”
But he also blamed the governments. The security flaw that hackers used to launch the attacks on Friday was made public after information was stolen from the NSA, which routinely searches for flaws in software and builds tools to exploit them, the report said.
The government is not legally bound to notify at-risk companies. That’s wrong, says Smith. He argued there should be “a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them.”