An unprecedented global cyber attack that infected computers in at least 150 countries beginning on Friday has unleashed a new wave of criticism of the U.S. National Security Agency.
The attack was made possible by a flaw in Microsoft's Windows software that the NSA used to build a hacking tool for its own use - only to have that tool and others end up in the hands of a mysterious group called the Shadow Brokers, which then published them online.
Microsoft Corp President Brad Smith sharply criticized the U.S. government on Sunday for "stockpiling" software flaws that it often cannot protect, citing recent leaks of both NSA and CIA hacking tools.
"Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage," Smith wrote in a blog post. "An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen."
Some major technology companies, including Alphabet Inc's Google and Facebook Inc, declined comment on the Microsoft statement.
But some other technology industry executives said privately that it reflected a widely held view in Silicon Valley that the U.S. government is too willing to jeopardize internet security in order to preserve offensive cyber capabilities.
The NSA did not respond to requests for comment.
The NSA and other intelligence services generally aim to balance disclosing software flaws they unearth against keeping them secret for espionage and cyber warfare purposes.
On Monday, senior administration officials defended the government's handling of software flaws, without confirming the NSA link to WannaCry, the tool used in the global ransomware attack.
"The United States, more than probably any other country, is extremely careful with their processes about how they handle any vulnerabilities that they're aware of," Tom Bossert, the White House homeland security adviser, said at a press briefing on Monday.
Other tools from the presumed NSA toolkit published by the Shadow Brokers have also been repurposed by criminals and are being sold on underground forums, researchers said. But they appear to be less damaging than WannaCry. It is not known who is behind the Shadow Brokers.
Derek Manky, global security strategist at cyber security firm Fortinet, said he thinks WannaCry is probably the worst that will come from the Shadow Brokers’ publicly dumped toolkit, though the group may have held back from publicly revealing everything it obtained.
“Out of that batch, it is probably a high-water mark,” Manky said.
"WE KNEW IT COULD BE A PROBLEM"
Security experts said the NSA had engaged in responsible disclosure by informing Microsoft of the flaw at some point after learning it had been stolen and a month before the tools leaked online.
Users who do not patch their systems and the Shadow Brokers were more directly responsible for the attack than the NSA, they said.
The Department of Homeland Security began an "aggressive awareness campaign" to alert industry partners to the importance of installing the Microsoft patch shortly after it was released in March, an agency official working on the attack said.
"This one, we knew it could be a problem," the official told Reuters.
REUTERS