微软抨击美国政府“囤积”网络武器

Microsoft has hit out at the US government’s “stockpiling” of cyber weapons for facilitating attacks such as the WannaCry ransomware that has run rampant in recent days.

微软(Microsoft)向美国政府发出了抨击，指责其“囤积”网络武器、为“想哭”(WannaCry)这类勒索软件发起的攻击提供了方便。最近几天，“想哭”病毒在全球肆虐。

“The governments of the world should treat this attack as a wake-up call,” Brad Smith, Microsoft’s general counsel, wrote in a strongly worded blog post on Sunday afternoon.

周日下午，微软法律总顾问布拉德?史密斯(Brad Smith)在一篇措辞激烈的博客文章中写道：“全球各国政府应该把这次攻击视为一记警钟。”

In its statement, Microsoft for the first time confirmed publicly what security analysts and intelligence officials would only say in private: that the technique hackers used to distribute WannaCry was originally developed by, and later stolen from, the US National Security Agency.

微软在其声明中首次公开证实了安全分析师和情报官员只会私下吐露的说法：黑客用来散播“想哭”病毒的技术，是最初由美国国家安全局(NSA)开发的，后来又被人从该局窃走。

“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem,” Mr Smith wrote, referencing the disclosure of apparent exploits used by the CIA by WikiLeaks.

史密斯写道：“这次攻击是又一个例子，证明了为何政府囤积软件漏洞是如此重大的问题。”这句话指向了维基解密(WikiLeaks)披露的、美国中央情报局(CIA)对明显的漏洞加以利用的行为。

“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage,” he said. “An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen.”

他说：“政府手中掌握的漏洞泄露至公共领域、并造成大范围破坏，这样的情况已多次发生。若以常规武器来类比，这就好像是美国军方部分战斧导弹(Tomahawk)被窃。”

While the leaked NSA tools were not used to create the ransomware itself, they did help hackers to accelerate its distribution, creating havoc for organisations around the world.

尽管从NSA泄露的工具未被用来创造“想哭”病毒本身，但这些工具确实帮助黑客加速了该病毒的传播，对世界各地机构造成了严重破坏。

Edward Snowden, the NSA whistleblower who is wanted in the US for leaking thousands of classified documents, called Microsoft’s comments “extraordinary”.

NSA泄密者爱德华?斯诺登(Edward Snowden)称，微软方面的这些话“非同寻常”。斯诺登因泄露了成千上万份机密文件而被美国通缉。

“Until this weekend's attack, Microsoft declined to officially confirm this, as US Gov refused to confirm or deny this was their exploit,” he said in a tweet.

他在Twitter上发帖称：“直到周末的攻击发生前，微软一直拒绝公开证实这一点，美国政府则既不愿证实也不否认这个漏洞出自他们之手。”