In the wake of a major cyber attack that affected hospitals and other services in more than 150 countries, Microsoft has urged governments to stop their stockpiling of dangerous software that can be weaponized if leaked.
“The governments of the world should treat this attack as a wake-up call,” Microsoft President and chief legal officer Brad Smith wrote on the company’s blog, recommending that governments take “urgent collective action” and treat cyber attacks as they might treat conventional weapons.
“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage,” Smith wrote. “An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen.”
On Friday, more than 200,000 computers were struck by a “ransomware” virus called WannaCrypt, which denied users access to data unless they paid a charge using Bitcoin. The hack affected hospitals in the U.K., telecoms, deliveries and other services across the globe.
In the blog post, Smith noted that the exploit used in the cyber attack was stolen from the National Security Agency (NSA). Smith reiterated the company’s earlier calls for a “Digital Geneva Convention” to regulate how governments collect and store data and report on cyber vulnerabilities.