Microsoft: Software Used in Global Cyber Attack on Friday Was Stolen from NSA – Fox News

 

By Jay Greene, The Wall Street Journal

Microsoft Corp. said that the software used in the global cyber assault that began Friday came from code stolen from the U.S. National Security Agency, adding that the attack should serve as a wake-up call for governments over the risks of hoarding such digital weapons for use against their enemies.

The software giant’s statement is the most authoritative confirmation so far of the connection between the Friday attack and the code that appeared to be for cyberattacks and was disclosed in April by an anonymous group called Shadow Brokers, which said it had obtained it from the NSA. The U.S. spying agency has declined to comment on the matter.

In a blog post Sunday, Brad Smith, Microsoft president and chief legal officer, said that the U.S. espionage agency authored the software that was eventually stolen and made its way into the hands of hackers who drew from it in the assault that has disrupted computers in at least 150 countries. He compared it to disclosure of hacking tools in March by the WikiLeaks organization, which said it had obtained them from the Central Intelligence Agency.

“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage,” Mr. Smith wrote. “An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen.”

Mr. Smith’s statement is among the strongest complaints from the tech industry yet about government activity that has increasingly put the industry at odds with federal law enforcement and spying agencies.

Microsoft, Apple Inc., and others have pushed back against efforts by those agencies to seek technical backdoors in their products to monitor targets, because the tech companies fear the perception of complicity with the U.S. government could alienate customers in the U.S. and abroad.

Comments

Write a Reply or Comment:

Your email address will not be published.*