After learning that one of its most prized hacking tools was stolen by a mysterious group calling itself the Shadow Brokers, National Security Agency officials warned Microsoft of the critical Windows vulnerability the tool exploited, according to a report published Tuesday [washingtonpost.com] by The Washington Post. The private disclosure led to a patch that was issued in March.
Those same NSA officials, according to Tuesday's report, failed to communicate the severity of the vulnerability to the outside world. A month after Microsoft released the patch, the Shadow Brokers published the attack code, code-named EternalBlue, that exploited the critical Windows vulnerability [arstechnica.com]. A month after that, attackers used a modified version of EternalBlue to infect computers around the world with malware [arstechnica.com] that blocked access to data. Within hours of the outbreak of the ransomware worm dubbed WCry, infected hospitals turned away patients; banks, telecommunications companies, and government agencies shut down computers.
"NSA identified a risk and communicated it to Microsoft, who put out an immediate patch," Mike McNerney, a former Pentagon cybersecurity official and a fellow at the Truman National Security Project, told The Washington Post. The problem, he said, is that no senior official took the step of shouting to the world: "This one is very serious, and we need to protect ourselves."
Source: Ars Technica [arstechnica.com]