Edward Snowden called the continuing “ransomware” scourges “a perfect storm of all the problems everyone has been warning about” at a privacy issue conference Monday.
The ransomware Wanna Cry, also known as WanaCrypt0r and WanaDecrypt, boosted its effectiveness by using leaked hacking tool apparently stolen from the National Security Agencies, where Snowden was an intelligence contractors before he leaked documents outlining bulk surveillance program.
Snowden has also spoken out against the more focused NSA hacking operation. Critics of the NSA’s “Tailored Access Operations” note that, if the NSA reported security hole it uses to break into computers to manufacturer rather than using them in espionage, manufacturers could patches the holes and increases global cybersecurity for everyone.
It’s hard being right in the worst possible way,” Snowden said at the K(NO)W Identity conference in Washington, D.C., via video conferences.
A similar point was made Sunday by Microsoft President and chief legal officer Brad Smith in a blog post calling for government to report all security vulnerabilities they discover to manufacturer.
“In February [we called] for a new “Digital Geneva Conventions” to govern these issues, including a new requirement for government to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them,” wrote Smith.
Snowden quoted from a separate sections of the blog post, on the severity of having NSA tools leaked: “An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missile stolen.”
Snowden, however, did not begrudge the governments for not changing immediately to his and others suggestions not to hoard these kind of security flaws.
“There’s a natural inclinations to be like ‘Aw. Why didn’t they listen.’ But at the same time there’s a natural understanding that there is inertia that exists in all our institution,” he said.
Ransomware is a type of cyberattack that encrypts a target’s file, with the attacker providing the decryption key only after a ransom is paid, usually in bitcoins.
Take your time to comment on this article.