While the scale of this weekend's attack has been massive. Governments and private enterprise alike were affected by the attack with everyone from the UK's National Health Service to the Russian Interior Ministry to global shipping company FedEx reporting disrupted operations on account of the ransomware.
So far no clues have been uncovered as to who was behind the malicious software, which locks users' computer files and demands a ransom payment of US$300 (S$418) to US$600 to unlock them. The attack, known as WannaCrypt or WannaCry, originated from a particular form of ransomware targeting "unpatched" and outdated Microsoft Windows file-sharing software.
"The operating systems on our computers and software downloads are managed centrally so that regular users can not download executable files from the internet without administrative rights", he said in an email. "That's liability to individuals, consumers and patients". Microsoft did issue patches for the vulnerabilities before the attacks took place, but not everyone downloaded them. He also gave kudos to Microsoft for having released a patch for the ransomware in March.
Microsoft should know that there are people, small businesses, schools and hospitals that still use older version of Windows, such as XP (which came out in 2001).
If your device or network is infected by WannaCry or other ransomware, do not automatically pay the ransom.
But Scott Vernick, a data security lawyer at Fox Rothschild that represents companies, said he was sceptical that WannaCry would produce a flood of consumer lawsuits.
As a result of cyber-attack globally, all ATMs in Hyderabad and Secunderabad have been shut down.
"It isn't clear that there has been a harm to consumers", he said.
Microsoft's president blames NSA for WannaCry attack
Microsoft said the hack was derived from an exploit developed by the NSA that was stolen and leaked to the public earlier this year.
Malware is a general term that refers to software that's harmful to your computer, said John Villasenor, a professor at the University of California, Los Angeles.
Vu Ngoc Son, deputy head of the anti-malware department of Bkav Corporation, the largest internet security firm in Vietnam, said that the WannaCry ransomware's behaviour is "not new", but he believes that the use of this ransomware will not really ease up as "it can directly earn large profits for hackers".
On top of that, critics say, the government didn't notify companies like Microsoft about the vulnerabilities quickly enough. Courts have consistently upheld those agreements, he said.
"This area of law has been stunted in its growth", he said.
In its editorial on May 17, the paper says that efforts to tackle the issue of cyber security have been hindered by the United States, and calls for greater cooperation between countries to make the virtual world more secure.
"[People] should be thinking about this as an attack that for right now we (have) got under control", said Bossert, in an interview with ABC News on Monday. The NSA did not immediately return a request for comment. "They don't have a vaccine for this stuff", he said.
On top of that, the NSA would likely be able to claim that it is shielded from liability under the doctrine of sovereign immunity, which says that the government can not be sued over carrying out its official duties.