微軟抨擊美國政府“囤積”網絡武器
Microsoft has hit out at the US government’s “stockpiling” of cyber weapons for facilitating attacks such as the WannaCry ransomware that has run rampant in recent days.
微軟(Microsoft)向美國政府發出了抨擊,指責其“囤積”網絡武器、爲“想哭”(WannaCry)這類勒索軟件發起的攻擊提供了方便。最近幾天,“想哭”病毒在全球肆虐。“The governments of the world should treat this attack as a wake-up call,” Brad Smith, Microsoft’s general counsel, wrote in a strongly worded blog post on Sunday afternoon.
週日下午,微軟法律總顧問布拉德?史密斯(Brad Smith)在一篇措辭激烈的博客文章中寫道:“全球各國政府應該把這次攻擊視爲一記警鐘。”In its statement, Microsoft for the first time confirmed publicly what security analysts and intelligence officials would only say in private: that the technique hackers used to distribute WannaCry was originally developed by, and later stolen from, the US National Security Agency.
微軟在其聲明中首次公開證實了安全分析師和情報官員只會私下吐露的說法:黑客用來散播“想哭”病毒的技術,是最初由美國國家安全局(NSA)開發的,後來又被人從該局竊走。
“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem,” Mr Smith wrote, referencing the disclosure of apparent exploits used by the CIA by WikiLeaks.
史密斯寫道:“這次攻擊是又一個例子,證明了爲何政府囤積軟件漏洞是如此重大的問題。”這句話指向了維基解密(WikiLeaks)披露的、美國中央情報局(CIA)對明顯的漏洞加以利用的行爲。“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage,” he said. “An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen.”
他說:“政府手中掌握的漏洞泄露至公共領域、並造成大範圍破壞,這樣的情況已多次發生。若以常規武器來類比,這就好像是美國軍方部分戰斧導彈(Tomahawk)被竊。”While the leaked NSA tools were not used to create the ransomware itself, they did help hackers to accelerate its distribution, creating havoc for organisations around the world.
儘管從NSA泄露的工具未被用來創造“想哭”病毒本身,但這些工具確實幫助黑客加速了該病毒的傳播,對世界各地機構造成了嚴重破壞。
Edward Snowden, the NSA whistleblower who is wanted in the US for leaking thousands of classified documents, called Microsoft’s comments “extraordinary”.
NSA泄密者愛德華?斯諾登(Edward Snowden)稱,微軟方面的這些話“非同尋常”。斯諾登因泄露了成千上萬份機密文件而被美國通緝。“Until this weekend's attack, Microsoft declined to officially confirm this, as US Gov refused to confirm or deny this was their exploit,” he said in a tweet.
他在Twitter上發帖稱:“直到週末的攻擊發生前,微軟一直拒絕公開證實這一點,美國政府則既不願證實也不否認這個漏洞出自他們之手。”
