informa
/
Vulnerabilities/Threats
News

Microsoft President: Governments Must Cooperate on Cybersecurity

Microsoft's Brad Smith calls on nations and businesses to work toward "digital peace" and acknowledge the effects of cybercrime.

It's an exciting time to be in technology, according to Microsoft president Brad Smith. It's also a dangerous time.

Smith took the stage at this year's Web Summit, a tech conference held in Lisbon, Portugal, to emphasize the need for global cooperation on cybersecurity as technology continues to evolve. The benefits that technology has created are as dangerous as they are awe-inspiring, he said.

"It's an exciting time to be at a place like this," he said. "But that's not the only thing that's happening. We also live in a time when new threats are emerging … new threats that involve technology itself" and culminate in attacks on electrical grids and elections alike.

Addressing an audience of tech professionals, Smith explained: "The tools that we've created — the tools, oftentimes, that you've created — have been turned by others into weapons." It's something Microsoft sees in 6.5 trillion signals and data points it receives daily, he added.

Smith said often when he speaks to people in government about these attacks, they sometimes say "we don't really need to worry" because cyberattacks involve machines targeting machines, not machines targeting people. He disagrees.

"That is a problem. Because people are being victimized by these attacks," he explained. He called 2017 "a wake-up call" in terms of the way people in nation-states and governments are using technological tools as weapons. WannaCry and NotPetya were the prime examples.

We can't expect people to recognize the problems of cybercrime if we don't recognize how people are suffering. Hospitals were paralyzed when WannaCry hit the UK. At England's National Health Service, 19,000 appointments were canceled. Surgeries didn't happen. Shortly after WannaCry hit 300,000 machines in 150 countries, he added, NotPetya struck.

"What NotPetya represents is not just the evolution of the attack in terms of methodologies involved, but also the evolution of intent," said Smith. Last year, almost 1 billion people were victims of a cyberattack. "These issues and these threats are going to continue to grow … because everything is connected," he warned. It's time to have a conversation around security.

"In a world where everything is connected, everything can be disrupted," he continued.

Governments around the world must play a role in protecting civilians and civilian infrastructure, he said, and protect people while they're using devices on which their lives exist. However, governments can't do this alone, and so he also called on businesses to step up.

"Businesses need to do better as well, and there is no part of the business community, across Europe or in the US or around the world, that has a higher responsibility than one part of the business community — and that is the tech sector," Smith noted. IT has the greatest responsibility to be "first responders" in keeping people safe when there are cyberattacks.

The same week he gave this talk at Web Summit, Smith explained in an interview with CNBC how Microsoft wants to connect with Congress and work together to create cybersecurity guidelines for civilians. Key issues range from threats on democracy to artificial intelligence in the workplace.

We have reached a point at which people are enthusiastic about the evolution of technology; however, their eagerness is matched with growing worry about what this technology can do.

"The big shift has been [that] the era where everyone was just excited about technology has become an era where people are excited and concerned at the same time — and that's not unreasonable," he explained in a conversation with CNBC.

Smith says Microsoft wants to work with President Trump, as it worked with President Obama, to address the risk of technology. The concern isn't only for America, but for all countries.

 

Black Hat Europe returns to London Dec. 3-6, 2018, with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions, and service providers in the Business Hall. Click for information on the conference and to register.

Recommended Reading: