The Strategist

Microsoft calls for cyber-disarmament

05/15/2017 - 15:34

President and Chief Legal Officer of Microsoft Brad Smith actually laid the responsibility for Friday's cyberattack of the world countries’ governments. In his blog, he urged state structures to stop "accumulating vulnerabilities", and called the attack itself a warning for everyone.

Last night, Microsoft’s official blog has published Brad Smith’s statement dedicated to an attack of the WannaCry virus, which began on Friday. The virus affected at least 200 thousand computers in 150 countries of the world.

Mr. Smith started his article explaining what has happened. According to him, "WannaCrypt (WannaCry) ... uses data stolen from the National Security Agency", and the company itself did everything possible to remedy the situation. "On March 14, Microsoft released a security update ... to close the vulnerability and protect our customers." Mr. Smith noted that those computers that did not update their security system suffered the most.

However, Mr. Smith sees the main problem in the fact that the world’s states are building up their "arsenals of vulnerabilities".

"The current attack is another example of why the world’s governments increasing the vulnerabilities are such a serious problem," said Microsoft’s President. "We saw how the vulnerabilities gathered by the CIA were presented to WikiLeaks and how now the vulnerability data stolen from the NSA affected customers around the world. "

According to Mr. Smith, Microsoft is working "round the clock" to help the affected customers, but new cyber attacks will be repeated until governments give up their behavior.

"Governments of the world must take this attack as a warning. They need to abandon the old approach to the problem and adhere to the same rules in cyberspace that operate in the physical world", Mr. Smith noted, recalling that in February his company called for creation of a new convention. He meant introduction of a binding rule, on which governments are obliged to report the detectable vulnerabilities to software vendors, and not to save, sell or use them to their advantage.

In the meantime, the world powers are seriously considering confrontation with hackers. Thus, the British authorities are going to allocate additional £ 50 million ($ 64 million) to cyber-protect the national health service after the recent major hacker attack. The hackers disrupted operation of thousands of computers in many countries, in particular in the UK. As British Defense Minister Michael Fallon out it, about two billion pounds ($ 2.5 billion) have already been allocated on cyber-security. However, the Friday attack proved that this amount was insufficient.

Apart from the UK, the US President last week signed an appropriate decree that aims to strengthen the Internet security of the federal government. This was reported by Reuters with reference to the representative of the administration.

Answering the journalist's question whether such measures are related to the information on attacks by Russian hackers on the US, Trump's national security adviser Thomas Bossert stated that this is not the case.

"This is not done in connection with Russia, but for US security," Bossert said, adding that the States are attacked not only by Russian hackers.