Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Microsoft slams spy agencies for 'stockpiling' vulnerabilities
Source: CNET
Microsoft slams spy agencies for 'stockpiling' vulnerabilities
Tech giant's chief counsel calls this weekend's WannaCry attack
a 'wake-up call' for greater communication on vulnerabilities.
by Steven Musil
May 14, 2017 4:16 PM PDT
Microsoft is criticizing government agencies for hoarding software flaws and keeping them secret, calling this weekend's massive ransomware attack a "wake-up call."
Brad Smith, Microsoft's chief counsel, wrote Sunday in a company blog post that by keeping the vulnerabilities secret from vendors, it opens users open to attack like the WannaCry hack, in which malware locked down computers while demanding a hefty sum for freedom. He compared the WikiLeaks release of NSA hack tools to a theft of weapons from the US military.
"An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen" Smith wrote. "And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today -- nation-state action and organized criminal action.
"The governments of the world should treat this attack as a wake-up call," he wrote. "We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits."
[font size=1]-snip-[/font]
Tech giant's chief counsel calls this weekend's WannaCry attack
a 'wake-up call' for greater communication on vulnerabilities.
by Steven Musil
May 14, 2017 4:16 PM PDT
Microsoft is criticizing government agencies for hoarding software flaws and keeping them secret, calling this weekend's massive ransomware attack a "wake-up call."
Brad Smith, Microsoft's chief counsel, wrote Sunday in a company blog post that by keeping the vulnerabilities secret from vendors, it opens users open to attack like the WannaCry hack, in which malware locked down computers while demanding a hefty sum for freedom. He compared the WikiLeaks release of NSA hack tools to a theft of weapons from the US military.
"An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen" Smith wrote. "And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today -- nation-state action and organized criminal action.
"The governments of the world should treat this attack as a wake-up call," he wrote. "We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits."
[font size=1]-snip-[/font]
Read more: https://www.cnet.com/news/microsoft-slams-spy-agencies-for-stockpiling-vulnerabilities/
