Former National Security Agency contractor Edward Snowden is calling on Congress to press the NSA to admit whether it knows of any vulnerabilities in computers used by U.S. hospitals following a worldwide cyberattack linked to an NSA spy tool.

"In light of today's attack, Congress needs to be asking @NSAgov if it knows of any other vulnerabilities in software used in our hospitals," Snowden tweeted Friday.

In light of today's attack, Congress needs to be asking @NSAgov if it knows of any other vulnerabilities in software used in our hospitals. — Edward Snowden (@Snowden) May 12, 2017



A massive ransomware attack hit dozens of countries on Friday, scrambling data and locking up computer files unless users pay $300 in the online currency bitcoin. Multiple reports say the ransomware, known as "WannaCry," has crippled hospitals in the United Kingdom has infected computer systems used by critical systems and companies in nations across the world.

Experts have believed the Microsoft Windows exploit, known as "EternalBlue," was revealed as part of a leak by a hacking group, the Shadow Brokers, last month. Microsoft released a patch for the exploit in March, but only for computers running an OS newer than Windows 7. The company encouraged users with older versions "to ensure their computers are up-to-date."

Many hospitals in the United Kingdom's National Health Service still use Windows XP, released in 2001, and there is concern that hospitals and other entities using older Windows operating systems in the United States are also vulnerable.

Snowden, who was granted asylum in Russia since 2013 after he leaked secret information from the NSA's surveillance programs, tweeted at the NSA, wondering if the agency had disclosed the flaw used to attack hospitals when they "*found* it, not when they lost it, this may not have happened." He suggested hospitals lost a crucial amount of time to prepare for any such attacks by only being contacted by the NSA once its tool was stolen.

Some have pondered whether the NSA, once it finds vulnerabilities, should do more than just inform hospitals of the weaknesses, but also help to create defenses.