NHS workers. Flickr/Emanueletudisco photography. Some rights reservedOn Friday IT systems in Britain and across the world were hit by a devastating hacking attack.
Dubbed 'WannaCrypt' - it locked users out of their computer system unless they paid a $300 ransom using Bitcoin. Such 'ransomware' attacks have become increasingly common across cyberspace as an earner for hackers.
There is little doubt ensuring government IT systems, especially in critical areas such as the NHS, need to be kept up-to-date. Most of the media attention has largely focused on this area since. In particular, the health secretary Jeremy Hunt has been criticised for ignoring repeated warnings that NHS IT systems were underfunded and vulnerable.
But one largely ignored area is how government-mandated backdoor exploits have made it easier for hackers.
Yesterday evening, Microsoft, the software company whose Windows system was the target of the attack, published a blog-post imploring system users to keep their software up to date. But it also lashed out at government snooping:
"Finally, this attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage."
The blog-post by Microsoft's President and Chief Legal Officer went on to say: "We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits."
In other words, Microsoft is warning governments that their desire for snooping makes it easier for criminals to exploit those systems and hack people's data.
This is relevant to Britain since both the Conservative government and Labour MPs have called on technology companies to give them access to encrypted mobile technologies such as Whatsapp and iMessage. Every terror attack across the US or Europe has been followed by a deman by western governments to have a way to snoop on messages.
But tech companies stress that opening encrypted systems to government snooping would eventually end up helping hackers. And the latest cyberattack underscores their point.
If we allow governments backdoor access to encrypted apps, next time it could be your phone demanding a ransom.
Get our weekly email
CommentsWe encourage anyone to comment, please consult the oD commenting guidelines if you have any questions.