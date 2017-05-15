The most recent news concerning the massive cyber-attack knocking down critical systems used by businesses, governments and hospitals throughout the world serves as a reminder that bureaucrats are largely powerless to predict and prevent these types of attacks. And as hackers become better at exploiting system vulnerabilities, cyber-attacks will only become more frequent and increasingly deadly in nature.

For now, there’s a great deal of finger pointing going on as the world attempts to figure out exactly who is responsible for the current virus outbreak.

But it’s looking increasingly likely that the hackers got the computer codes needed to cripple systems used by so many businesses and governments throughout the world from the National Security Agency.

Here’s a little background via The Wall Street Journal:

The attack involved so-called ransomware, in this case called WannaCry, that scrambled files, and asked for ransom of as little as $300 in the online currency bitcoin to decrypt them. The malware used vulnerabilities in Microsoft Corp. software and a tool that a group of hackers had previously made public, saying it had been pilfered from the U.S. National Security Agency. The agency has declined to authenticate the material.

In other words, the NSA (which exploits vulnerabilities in software to keep us all safe) provided hackers step-by-step instructions to install ransomware on critical computers because the agency isn’t even able to keep its own information safe.

NPR reported that the malware used to infect computers with the WannaCry virus was stolen from the NSA last month.

The agency and other U.S. intelligence outfits routinely come under fire from the world’s biggest technology and software providers for creating backdoors which massively compromise customer privacy without informing the businesses that the vulnerabilities exist.

Microsoft President Brad Smith said the cyber-attack currently underway is simply the latest development in this disturbing trend.

In a post on the company’s blog, Smith noted:

[T]his attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.

For the heads of tech companies like Smith, these government created problems serve as proof that the private sector must become more involved in protecting Americans from both bad actors and the unintended consequences of government meddling.

