Microsoft has issued a blistering attack on the US government after a software vulnerability stockpiled by the National Security Agency (NSA) paralysed NHS hospitals and thousands of other organisations around the world.
The firm’s chief legal officer compared the NSA’s decision to identify but not warn Microsoft about the vulnerability to thieves stealing US military missiles.
In March, just weeks before the agency’s cache of exploits were stolen and leaked, Microsoft patched the flaw in its Windows operating system.
But not all users updated their software, leaving their computers vulnerable to the ransomware when the virus started spreading on Friday.
Brad Smith wrote in a blogpost: “We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.
“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen.”
Smith added that the behaviour had prompted Microsoft to call for a “Digital Geneva Convention” to urge governments to report vulnerabilities to software firms, rather than storing them so it could break into computers later on.
The NHS was arguably dealt the biggest blow as the WannaCry ransomware infected computers in more than 70 countries around the world.
Hospitals and GP surgeries were forced to turn away patients as the ransomware seized control of NHS computers.
The virus locked down thousands of devices, demanding the equivalent of $300 in bitcoin as ransom, before a 22-year-old accidentally stalled its spread.
It was feared that a second wave of cyber attacks would emerge on Monday as staff returned to work and turned on their computers. But health secretary Jeremy Hunt has said such fears have not materialised.
— This feed and its contents are the property of The Huffington Post UK, and use is subject to our terms. It may be used for personal consumption, but may not be distributed on a website.