NSA Offers Gift That Keeps on Giving
Sometimes the gift that keeps on giving is good. Other times, it is not so good.
In this case, it is not so good.
You may remember the Wannacry ransomware attack last year. That virus, which took many organizations back to the stone age of computing (i.e., a pencil and paper), infected and took down organizations like the UK’s National Health Service, parts of Fedex, Hitachi, Honda and hundreds if not thousands of other organizations, many unknown, was enabled by a gift written by the NSA called ETERNAL BLUE. Eternal Blue was designed to be a gift given to our enemies, but managed to get out in the wild and be used by the bad guys to infect hundreds of thousands of computers in at least 150 countries and cost companies billions of dollars to fix.
If it weren’t for Eternal Blue, this attack would not have worked. Funny thing is that, like the Equifax breach, the vendor (in this case Microsoft) had released a patch months before the attack.
Of course, some people are good about applying patches while others are not so good.
A year later, the NSA gift called Eternal Blue is still giving. There are still at least a million computers that are not patched and hackers are using Eternal Blue to launch a new attack. After all, why bother to use new, unknown attacks and risk them being discovered, when the same old attacks as last year still work.
Right now, today, the attackers are using this attack to mine crypto currency on the infected computers. However, if that stops being profitable. ENOUGH profitable. Well then, these computers are already zombies, so the zombie controller could just turn this into a massive denial of service attack or a massive ransomware attack. Or whatever. Or more than one thing.
The simple thing is that there are Windows patches available to be installed. Also, you can disable the protocol that the attack uses.
Either way, there is no reason why this attack should still work.
But, since people aren’t really diligent about patches and especially patches on phones, tablets and IoT devices, the hackers will continue to have a field day and businesses will lose millions. Some are already going out of business due to ransomware attacks.
Just think about that for a minute.
Information for this post came from ZDNet.