Microsoft accused the NSA of accumulating exploits

Microsoft, represented by Brad Smith, President and Legal Director, expressed an official position on the global worm epidemic and cryptographer WannaCrypt (WannaCry, WanaDecrypt0r). Since Friday, this malware has hit more than 200 thousand computers in more than 150 countries , the United Kingdom and Russia have suffered the most. The worm spreads through an unclosed vulnerability in all versions of Windows, using the ETERNALBLUE exploit from the NSA arsenal, which hackers declassified two months ago , along with dozens of other exploits for Windows, Linux, HP-UX, SunOS, FreeBSD, JunOS, other operating systems and applications type of antivirus.

Brad Smith compared the NSA cyberspace's leak with the theft of Tomahawk missiles from the army. If such a powerful weapon goes to attackers, then expect trouble. The same thing happened with the ETERNALBLUE exploit.

Smith stressed that Microsoft released a patch to close this vulnerability a few days after the NSA leak, namely March 14, 2017. Patches were released only for the latest versions of Windows, for which official support is maintained. Unfortunately, some users do not install security updates, and hundreds of millions of people still sit on older versions of Windows, for which patches have not been released at all. Therefore, the infection spread so quickly.
')
Among others, the computers of many hospitals, banks, commercial companies, government organizations, and home users were hit on Friday. Renault has suspended the work of several factories in France, computer scientists Nissan are trying to restore the work of computers in an English factory. In the industrial conglomerate Hitachi, employees could not receive and send e-mail ; in China, they refused to accept payments at some PetroChina gas stations. Many Russian state organizations, including the Ministry of Internal Affairs, the Bank of Russia and the Ministry of Health, have been attacked. According to the expert InfoWatch , one of the reasons for the large number of victims in Russia can be a large distribution of pirated copies of software among personal users.

Realizing the scale of the epidemic, Microsoft on Friday promptly released patches for older versions of Windows that have already been removed from support, including Windows XP. According to the head of the company, employees had to work a lot to roll out patches. Brad Smith said that Microsoft has 3,500 security professionals, and the company is focusing on security issues.

Microsoft believes that the only protection against such attacks can only be a universal timely update of computer systems. At the same time, Microsoft understands that in practice it is difficult to achieve this because of the complexity and heterogeneity of modern IT infrastructure.

"The governments of the world should regard this attack as a signal for awakening," said the president of Microsoft. - They need to change their approach and implement in cyberspace the same rules that apply to weapons in the physical world. Governments should consider the damage done to civilians due to the concealment [of the NSA] of these vulnerabilities and the use of these exploits. This is one of the reasons why we in February called for the adoption of the Digital Geneva Convention to address these problems, including new requirements for governments to expose vulnerabilities to vendors instead of accumulating, selling and operating them. ”

Experts suggest that the current virus attack (which is not over yet - the second wave is expected) will contribute to the increasing popularity of cybersecurity . This market is now estimated at $ 2.5-3 billion annually, and 90% of cyber-insurance companies are issued in the USA. Insured companies can expect to receive insurance remuneration if the cryptographer has damaged their business. But in many cases, insurance is paid only if companies have installed a patch from Microsoft. Refusal of insurance can follow if the company paid the ransom to the extortionists without contacting the insurance company in advance.

According to the company Cyence, which is engaged in modeling cyber risks, the current epidemic of WannaCry has caused general economic damage due to the suspension of business companies around the world in the amount of $ 4 billion. Nonprofit Research Institute US Cyber ​​Consequences Unit believes that a more realistic estimate of several hundred million dollars , no more than a billion.