By Tamlin Magee
May 17, 2017
The American government has taken flak for the attack. Microsoft's general counsel Brad Smith wrote in a blog post over the weekend that the the ransomware underlines why "the stockpiling of vulnerabilities by governments is such a problem".
"This is an emerging pattern in 2017," he wrote. "We have seen vulnerabilities stored by the CIA show up on Wikileaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen.
"And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today - nation-state action and organised criminal action."
Smith went on to mention Microsoft's calls for a 'Digital Geneva Convention' to set out rules of play in cyber, including requirements for governments to report vulnerabilities to vendors. Carbon Black's Rick McElroy expressed doubt to sister title Techworld that joined-up, international efforts to address cyber risk will exist in a meaningful way before devastating attacks take place, rather than after it's too late.
To check whether your computer is protected against the WannaCry ransomware, you can try a free tool, the WannaCry-Checker, which was developed by our sister publication, PC World Germany. Click here to learn more.