Microsoft (MSFT) President and Chief Legal Officer Brad Smith slammed the government and blamed computer users for the “WannaCry” ransomware attack that swept through the world infecting millions of computers and holding their data hostage.
In an interview with NPR, the president of the Redmond, Washington software giant said the attack spread because users failed to patch their old Windows operating systems. According to Smith, Microsoft released a patch two months ago that may have stopped “WannaCry” from propagating. The lack of action on the part of companies to install the patch, led to the massive attack. It doesn’t help that some of the infected computers were running Windows XP, the operating system from 16 years ago.
"We need to make it as easy as we can for people to patch their systems, and then customers have to apply those patches," the executive said in the interview. "It's worth remembering Windows XP not only came out six years before first iPhone. It came out two months before the very first iPod. Think about how antiquated that feels to us today." He added that because the virus spread so easily, Microsoft found itself building a patch for Windows XP and giving support to users who are actually using illegal copies of Windows in the aftermath of the attack. (See also: Microsoft Word Target of Zero-Day Malware Attack.)
His statements come as the company itself is facing flak for the role it played. “It would have been better if [the fix for XP] had been released a month earlier, when the company first became aware of the problem,” wrote David Omand, the former head of British intelligence agency GCHQ, in a letter to the Times. A New York Times Op-Ed writer said, “Companies like Microsoft should discard the idea that they can abandon people using older software.” The Verge pointed out that hardware limitations stopped users from upgrading to the latest versions of Windows. It said, "The broader problem is software upgrades outrunning their hardware, and it’s a problem that’s much bigger than Microsoft. A computer sold in 2007 likely isn’t equipped to run Windows 10 and millions of those old machines are still in use, which is why XP has remained neck and neck with Windows 8.1 in market share, despite Microsoft’s best efforts to dislodge it."
It's not just users that Smith is blaming. Similar to what he said in a blog post this weekend, the president of the world’s largest software company called out intelligence agencies including the National Security Agency, which first developed the attack method that was stolen and refined by hackers. With state sponsored hacks from the likes of North Korea and Russia becoming commonplace, Smith is calling on governments to limit the cyber tools they create similar to what they did with nuclear weapons. "A lot has changed in the world just in the last 12 months. We've seen a huge focus on nation-state hacking by other countries including Russia and North Korea." Media reports surfaced Monday that North Korea could be behind “WannaCry.” Smith wants a “Digital Geneva Convention” where governments pledge to stop hoarding exploits and vulnerabilities that can fall into the wrong hands and work more with the software vendors so they keep their products secure. (See more: Security Stocks Up After Global Ransomware Attacks)