Dec 22, 2024 | Updated: 11:35 AM EDT

Microsoft Blames Government For Storing Data On Software Vulnerabilities Accessible To Hackers, Leading To WannaCry Ransomware Attack

May 15, 2017 06:59 AM EDT

Microsoft says that governments around the world should treat the WannaCry Ransomware Attack as a wake-up call. It is blaming as well governments for storing data on software vulnerabilities that could be accessed by hackers. NSA reportedly kept secret from Microsoft the vulnerability exploited by the hacker group.

Brad Smith, chief legal officer of Microsoft, in a blog post, says that the WannaCry Ransomware Attack shows cybersecurity is a shared responsibility between customers and technology firms. The only way for customers to protect themselves against malware attacks is to update their systems since cybercriminals have become more sophisticated. Not updating would mean battling the present problems with tools from the past, The Independent reports.

Smith points out that vulnerabilities stored by the CIA show up on WikiLeaks. Now, the WannaCry Ransomware Attack stolen from NSA has affected 200,000 systems. He compares the latest malware attack to Tomahawk missiles of the U.S. military being stolen.

But he acknowledges the first responsibility to address the problem caused by the WannaCry Ransomware Attack is Microsoft’s, CNN reports. Smith disagrees with the situation wherein the government is not bound by law to inform at-risk companies. The Microsoft official says the policy is wrong and the government should be mandated to report vulnerabilities to vendors instead of stockpiling, selling, or exploiting it.

BBC reports there are fears the WannaCry Ransomware Attack would have more victims beyond the 200,000 systems affected over the weekend. However, so far, as of Monday, only nine cases of ransomware were found in South Korea.

When BBC analyzed three accounts linked to the WannaCry Ransomware Attack, it indicates about $38,000 was paid as of Monday morning. Hackers have demanded payments in Bitcoin ranging from $300 to $600 in exchange for the encryption key. But the hackers warn that the cost could double after three days. If within seven days no payment is made, they threatened to delete all the files.

Real Time Analytics