Global tech giant Microsoft has reacted to the ‘WannaCry’ hacking spree, saying that it will take responsibility and address its own vulnerabilities.
President and Chief Legal Officer Brad Smith adds, however, that cybersecurity has become a “shared responsibility between tech companies and customers”. He cites the fact that most computers remain vulnerable months after security updates are released as evidence of customer complacency.
The WannaCry pandemic has affected more than 75 000 PCs across 99 countries, ransoming data for Bitcoins. It exploits a Microsoft Windows vulnerability developed by the United States’ National Security Agency.
“As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems,” says Smith. “Otherwise they’re literally fighting the problems of the present with tools from the past.”
He also implies that the US government is to blame for the attack, with the ‘stockpiling’ of exploitable vulnerabilities giving ammunition to cyber criminals.
“We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits,” he adds.
Ultimately, Microsoft wants customers, tech companies and governments to work in sync to prevent crises like the one currently being wrought by WannaCry. “More action is needed, and it’s needed now,” says Smith.