NEW YORK — Cyberattacks in Europe and Asia have been reported today that apparently used leaked National Security Agency hacking tools.
Patrick Toomey, a staff attorney with the American Civil Liberties Union’s National Security Project, had this reaction:
“It would be deeply troubling if the NSA knew about this vulnerability but failed to disclose it to Microsoft until after it was stolen. These attacks underscore the fact that vulnerabilities will be exploited not just by our security agencies, but by hackers and criminals around the world. It is past time for Congress to enhance cybersecurity by passing a law that requires the government to disclose vulnerabilities to companies in a timely manner. Patching security holes immediately, not stockpiling them, is the best way to make everyone’s digital life safer.”