Microsoft’s president says global cyberattack is a ‘wakeup call’

A global ransomware attack has hit more than 200,000 victims, such as hospitals and schools, in more than 150 countries since Friday. The virus takes advantage of a security flaw in Microsoft's Windows operating system, which the company patched in March, though many users ignored the fix or refused to pay for it. William Brangham reports and Judy Woodruff talks to Microsoft President Brad Smith.



    The worldwide cyber-attack appeared to slow today. Since Friday, the so-called ransomware has hit more than 200,000 victims in more than 150 countries. The worst of it today was in Asia.

    William Brangham reports.


    At a movie theater in Seoul, South Korea, screens flashed the bad news: now playing, a global cyber-attack. In Indonesia, the waiting room at a cancer hospital in Jakarta was packed with patients, their records also held hostage by this so-called ransomware.

  • SRI ASTUTI, Hospital Patient (through interpreter):

    There are always so many people. That's why it's taking so long. We're tired, but we need the treatment.


    In China, state media reported some 4,000 schools were among the hardest-hit there, including two prestigious universities.

  • WANG WENYI, Chinese National Computer Response Center (through interpreter):

    If we pay the ransom, then we are risking getting our personal information, including our account information, recorded and stolen.


    Japanese companies Hitachi and Nissan were affected as well, but Japan's chief cabinet secretary said the damage was minimal.

    The virus first struck on Friday, primarily at hospitals in Britain and companies across Europe. This particular kind of ransomware takes advantage of a security flaw in Microsoft's Windows operating system. It locks users out of their computers until they pay a ransom to get it back.

    This strain of ransomware was apparently built in part using software created by the National Security Agency, the NSA, which was then stolen by hackers. Microsoft patched the flaw in its system in March, but many users either ignored it or refused to pay for it.

    In an open letter Sunday, Microsoft President Brad Smith blamed the NSA and called it yet another example of why the stockpiling of vulnerabilities by governments is such a problem.

    Russian President Vladimir Putin, who is visiting China, also criticized the U.S., amid reports that his interior ministry had been hit hard.

  • PRESIDENT VLADIMIR PUTIN, Russia (through interpreter):

    The primary source of the virus happens to be the intelligence services of the United States. Russia here is absolutely uninvolved.


    But at the White House today, Tom Bossert, President Trump's homeland security adviser, said the NSA had never intended its tool to be used by foreign criminals.

  • TOM BOSSERT, White House Homeland Security Adviser:

    This was a vulnerability exploit as one part of a much larger tool that was put together by the culpable parties and not by the U.S. government. So, this wasn't a tool developed by the NSA to hold ransom data.


    Meanwhile, there's been political fallout. In Britain, where a general election looms, opposition leader Jeremy Corbyn and Prime Minister Theresa May traded jibes long-distance:

  • JEREMY CORBYN, Labour Party Leader:

    Over the past seven years, our National Health Service has been driven into crisis after crisis. The Tory cuts have exposed patient services to cyber-attack.

  • THERESA MAY, Prime Minister, United Kingdom:

    Cyber-security is an issue that we need to address. That's why the government, when we came into government in 2010, put money into cyber-security.


    The cyber-attack's effects in the United States have been limited, except for damage to the FedEx delivery service.

    For the PBS NewsHour, I'm William Brangham.


    And let's turn to Microsoft now, which has been responding to this attack and criticizing the NSA for its alleged role in exploiting the vulnerability to begin with.

    Brad Smith is the president and chief legal officer of the company. He joins me from Redmond, Washington.

    Brad Smith, welcome back to the NewsHour.

    So, first off, what is the status of this cyber-attack? There were some reports late today about a new variant surfacing in parts of the world. What do you know about that?

  • BRAD SMITH, President, Microsoft:

    Well, I think, as the report just showed, things seem to be calming down a bit, but it's too early to declare victory or say that this episode is over.

    As you just mentioned, new variants can be created. That's not uncommon in these kinds of situations. We will have to monitor them. And then, more broadly, even as we help customers who are dealing with this particular attack, this is a wakeup call for all of us, whether we're in the tech sector, customers or in government. We need to do more to address this problem.


    And you did say in the memo that you — that Microsoft issued yesterday, you did say this is a powerful reminder everybody needs to keep their computers current and patched.

    But you did go on to point that finger at governments and what you call stockpiling of vulnerabilities. What did you mean by that?


    Well, we have been pointing out in recent months that, more and more, in multiple countries, certain agencies and some governments are stockpiling vulnerabilities, meaning the flaws that they find in software, they're creating their own exploits, so that they have them available.

    And this causes us concern. We believe the world needs some new rules to govern this. We need governments to act with restraint, and we certainly need governments that are creating these kind of cyber-weapons to be effective, so that they're not stolen or get leaked out.


    Well, and I want to ask you about that, because, at the White House today, the president's homeland security adviser, Tom Bossert — I think you just heard him say this — he said the NSA never intended for this tool that they created to be used as part of some ransomware attack.


    I think that's got to be the case.

    And the reality is, this was an unusual attack. It involved the combination of a very sophisticated piece of software of the type we sometimes see in governments, then combined with a much less sophisticated piece of software, in effect, the ransomware component.

    And in all probability, it's some type of organized criminal group that took what came out of the government and put it to use in a way that no one ever intended, but the damage is still done, and we can't assume that this is the last time we will see this type of problem if we don't find a way to take new steps.


    Well, Brad Smith, what do you say about Microsoft's role in this? I'm sure you know there are security analysts out there who are saying, not only because these flaws existed in something that Microsoft, that your company created, but also that the company apparently hasn't done enough to alert people that these flaws are there, that they need to patch?

    There are some nonprofit organizations, the governments that we have been discussing that just haven't gotten around to it. And these analysts are saying, Microsoft should have done more to alert people.


    Well, the very first thing that I said in my statement yesterday was that Microsoft, in fact, has the first responsibility to address these issues.

    I think that's unquestionable. We look at everything that we're doing today. We have 3,500 security engineers. We worked over the weekend to provide help to customers around the world. We acted in March to patch software. We acted in March to talk about the importance of this, as we do all the time.

    But this is a wakeup call for us, for customers. None of us should assume that we're doing everything that we can possibly do. Let's all learn from this together. And I would be the first to say that, just as government needs to do more, we need to ask ourselves what more we could do as well.


    Can you say at this point what more Microsoft can do?


    Well, one of the issues that I think we need to think through around the world is how to help customers, especially in sophisticated, diversified, complicated information technology environments to deploy patches more easily.

    The National Health Service in the U.K. is a good example. It's a very large institution. Now, in some cases, the computers are a good deal older. I think there is certainly an opportunity for us to ask ourselves, what new technologies can we deploy, what new processes can we develop to make it easier for customers?

    And then, of course, we do need customers to act. We cannot actually patch their systems unless they deploy our technology. And that, too, is a lesson for us all.


    I want to go back to what you were saying about the role of governments and the role specifically in this country of the National Security Agency, the NSA.

    Your point is that they have developed devices to fix these flaws that exist, but they haven't shared them quickly enough. Were you notified, was Microsoft notified by NSA that this was coming?


    Well, I don't want to go into the specifics of how we learned about this particular problem or by whom or when.

    It is of public record that we provided a patch in March. There wasn't a public statement about this until April. But what I think is also important is that we need the global community to come together.

    We called earlier this year for the creation, in effect, of a digital Geneva Convention, new rules of the road that apply to everybody, because this is an issue, in this instance, that may have arisen in the United States, but no one should think that this is an issue unique to the United States. This is an issue for many governments around the world.


    Brad Smith, the president of Microsoft, we thank you very much for joining us.


    Thank you.
