Skip to main content
  1. Home
  2. Computing
  3. News

Top Microsoft lawyer slams government for ‘stockpiling’ vulnerabilities

Jonathan Keane
By

Microsoft
Image used with permission by copyright holder
As IT departments around the world are still reeling from the weekend’s spate of ransomware attacks, Microsoft’s head legal counsel has slammed the United States government for “stockpiling” vulnerabilities.

In a blog post, Microsoft president and chief legal officer Brad Smith criticized the NSA for collecting and storing zero-days that it could lose control of. That appears to be exactly what happened this past weekend when the WannaCry ransomware was unleashed on companies like FedEx, NHS hospitals in the United Kingdom, car manufacturers, and telcos. The malware is believed to have been stolen by a mysterious hacker group called the Shadow Brokers and leaked online.

Recommended Videos

Smith said this case and the recent case around WikiLeaks publishing details of hacking tools and vulnerabilities used by the CIA are causing “widespread damage”.

Related

“An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen,” he said. “And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today — nation-state action and organized criminal action.”

The culprits behind the attacks remain unknown. On Monday morning, businesses returned to work with apprehension as their IT departments were still assessing the damage. Staff in NHS hospitals in the U.K. were advised to not log in to their computers this morning as it was still awaiting a new antivirus installation.

The global incident should be a “wake-up call” to governments, Smith said in the blog post, which pulled no punches. Smith suggested that governments need to treat malware with the same rules as physical weapons and the effect they can have on ordinary people. In the case of hospitals attacked by WannaCry, there were reports of some important patients’ procedures being postponed.

Smith went on to reiterate Microsoft’s call for a “Digital Geneva Convention” to regulate how governments handle zero-days, requiring them to disclose these vulnerabilities to vendors so they can be patched promptly.

“We should take from this recent attack a renewed determination for more urgent collective action. We need the tech sector, customers, and governments to work together to protect against cybersecurity attacks.”

Editors' Recommendations

Topics
Jonathan Keane
Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
The best tablets in 2024: top 11 tablets you can buy now
Disney+ app on the iPad Air 5.

As much as we love having the best smartphones in our pockets, there are times when those small screens don't cut it and we just need a larger display. That's when you turn to a tablet, which is great for being productive on the go and can be a awesome way to unwind and relax too. While the tablet market really took off after the iPad, it has grown to be quite diverse with a huge variety of products — from great budget options to powerhouses for professionals.

We've tried out a lot of tablets here at Digital Trends, from the workhorses for pros to tablets that are made for kids and even seniors -- there's a tablet for every person and every budget. For most people, though, we think Apple's iPad Air is the best overall tablet — especially if you're already invested in the Apple ecosystem. But if you're not an Apple user, that's fine too; there are plenty of other great options that you'll find in this roundup.

Read more
How to delete a file from Google Drive on desktop and mobile
Google Drive in Chrome on a MacBook.

Google Drive is an excellent cloud storage solution that can be accessed from numerous devices. Whether you do most of your Google Drive uploading or downloading from a PC, Chromebook, or mobile device, there’s going to come a time when you’ll need to delete a file (or two). Fortunately, the deletion process couldn’t be more straightforward. We’ve also put together this helpful guide to show you how to trash your Drive content a couple of different ways.

Read more
Windows 11 might nag you about AI requirements soon
Copilot on a laptop on a desk.

After recent reports of new hardware requirements for the upcoming Windows 11 24H2 update, it is evident that Microsoft is gearing up to introduce a bunch of new AI features. A new report now suggests that the company is working on adding new code to the operating system to alert users if they fail to match the minimum requirements to run AI-based applications.

According to Albacore on X (formerly known as Twitter), systems that do not meet the requirements will display a warning message in the form of a watermark. After digging into the latest Windows 11 Insider Build 26200, he came across requirements coded in the operating system for an upcoming AI File Explorer feature. The minimum requirement includes an ARM64 processor, 16GB of memory, 225GB of total storage, and a Qualcomm Snapdragon X Elite NPU.

Read more