By Liam Tung
June 9, 2017
Russian President Vladimir Putin has backed Microsoft's warning over intelligence agencies creating cyber weapons in the wake of Friday's WannaCrypt ransomware attacks.
Putin on Monday cautioned against intelligence agencies creating exploits for software that may later be used for online crime, as demonstrated by Friday's WannaCrypt ransomware outbreak, which used a Windows exploit developed by the National Security Agency (NSA).
Putin said Russian institutions escaped significant damage from WannaCrypt, but like Microsoft president and chief legal counsel, Brad Smith, called for immediate political discussions about government-created exploits. He also denied Russia was behind the WannaCrypt attack.
"But as a whole it is worrying, there's nothing good about it, it is a source of concern. As regards the source of these threats, I believe that the leadership of Microsoft have announced this plainly, that the initial source of the virus is the intelligence services of the United States," Putin said, according to Reuters.
"Once they're let out of the lamp, genies of this kind, especially those created by intelligence services, can later do damage to their authors and creators," he added.
"So this question should be discussed immediately on a serious political level and a defence needs to be worked out from such phenomena."
Smith on Sunday called for "urgent collective action" in the wake of the WannaCrypt attacks, which have affected around 200,000 computers from 150 countries and took a heavy toll on the UK's National Health Service, Spanish telco Telefonica, and the Russian Interior Ministry.
He also called for a "digital Geneva convention", under which governments would agree to require agencies to report vulnerabilities to vendors, rather than stockpile them.
Smith blamed the WannaCrypt outbreak on the NSA's practice of stockpiling exploits rather than reporting vulnerabilities to vendors. Though Microsoft released a patch for this flaw in the March bulletin MS17-010, the WannaCrypt outbreak showed that many organizations take longer than two months to apply even critical updates.
"The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency, or NSA, in the United States," wrote Smith.
He added that the "attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem."
Among a trove of NSA tools the hacking crew Shadow Brokers released in April was EternalBlue, which exploited a flaw in Microsoft's Windows Server Message Block (SMB). The exploit gave WannaCrypt worm-like capabilities, helping it spread among machines running Windows 7 and earlier (Windows 10 was not affected). However, the pace of infections was so swift that Microsoft took the unusual move of releasing patches even for unsupported Windows versions, including Windows XP and Windows 8.