In May 2017, the computer virus known as WannaCry spread across the globe like wildfire, infecting hundreds of thousands of computers. Using a type of infection known as ransomware, the virus locked and encrypted files on the affected computers so they could not be accessed. Messages demanded that users pay $300 in digital currency in order to have their computers unlocked. The unknown perpetrators stated that if the ransom wasn't paid within days, the required payment would double, and after a week, the files on the infected computer would be wiped clean.
Before the attack was stopped, more than 300,000 computers in 150 countries were affected. The attack caused disruptions in hospitals, public transportation, banks, and telecom providers.
In mid-December, the Trump administration blamed North Korea for the attack, and the U.S. Department of Homeland Security revealed that tech giants Facebook, Inc. (NASDAQ: FB) and Microsoft Corporation (NASDAQ: MSFT) had disabled a number of new cyberthreats in recent weeks.
These would-be competitors joined forces to shut down an ongoing cyber attack. Image source: Getty Images.
Strange bedfellows
The two companies that might normally be considered competitors in the tech arena collaborated with "others in the security community," though the other players weren't identified.
In a White House news conference, homeland security advisor Tom Bossert said that "Facebook took down accounts that stopped the operational execution of ongoing cyberattacks and Microsoft acted to patch existing attacks, not just the WannaCry attack initially." Bossert chose not to elaborate on the nature of the other attacks.
Both companies confirmed their role in the action. Facebook said that it deleted accounts linked with the hackers "to make it harder for them to conduct their activities." The hacking collective, known as the Lazarus Group, had a number of fake personal profiles that it used to target unsuspecting users. Facebook also notified individuals who had contact with the suspect accounts. In a statement, the company said:
Facebook has a long-standing commitment to security, and we continue to invest in efforts to protect people from cyber threats and keep our platform safe. We will continue to work closely with companies to investigate and counteract these types of threats to our collective security.
Microsoft president and chief legal officer Brad Smith issued a blog post saying that the company "among other steps, last week helped disrupt the malware this group relies on, cleaned customers' infected computers, disabled accounts being used to pursue cyberattacks and strengthened Windows defenses to prevent reinfection."