The Wall Street Journal | 14 May 2017

Says software used in the global cyber assault Friday was stolen from National Security Agency

Microsoft Corp. MSFT -0.12% said that the software used in the global cyber assault that began Friday came from code stolen from the U.S. National Security Agency, adding that the attack should serve as a wake-up call for governments over the risks of hoarding such digital weapons for use against their enemies.
The software giant’s statement is the most authoritative confirmation so far of the connection between the Friday attack and the code that appeared to be for cyberattacks and was disclosed in April by an anonymous group called Shadow Brokers, which said it had obtained it from the NSA. The U.S. spying agency has declined to comment on the matter.

In a blog post Sunday, Brad Smith, Microsoft president and chief legal officer, said that the U.S. espionage agency authored the software that was eventually stolen and made its way into the hands of hackers who drew from it in the assault that has disrupted computers in at least 150 countries. He compared it to disclosure of hacking tools in March by the WikiLeaks organization, which said it had obtained them from the Central Intelligence Agency.
Read more