Samedi, 20 Octobre 2018
Latest news
Main » The NSA told Microsoft about EternalBlue hack used in WannaCry

The NSA told Microsoft about EternalBlue hack used in WannaCry

19 Mai 2017

Even as the hullabaloo over WannaCry or WannaCrypt ransomware attack has barely settled, news of another global cyber attack has emerged.

This story doesn't feel too surprising. The huge cyber-breached event, which kicked off on Friday, spread like never before and affected millions of computers and computerised data in over 150 countries. In addition to that, stealing patients' data is relatively easy since healthcare has been slow in adopting proper security mechanisms, especially when compared to other sectors like banking where customer information is also sacrosanct. The NHS does, though, need to make sure that not one unpatched computer ever goes near its network, and that employees understand that they shouldn't click on suspicious links. But users of older software, such as Windows XP, have to pay hefty fees for so-called "custom" support. Even though there are ways to install the latest updates on updates on Windows which are not genuine, Microsoft is also implementing restrictions every once in a while, so depending on the release, it could be more or less hard to patch a pirated Windows copy. I say "device", because it applies not just to Microsoft Windows but to Macs, Android phones, iPhones and even connected devices like baby cameras, door locks and cars. "This exploit (codenamed "EternalBlue") has been made available on the Internet through the Shadowbrokers dump on April 14th, 2017 and patched by Microsoft on March 14".

"At a base level it's exploiting and cashing in on your electricity bill and server processing time", he says. But a report at the end of 2016 suggested that 90% of NHS trusts still had at least one XP system.

While organisations still struggle to reinstate normal service, there are fears that the vast spread of the ransomware will inspire more versions - and that many systems remain unpatched. "Software updates and security patches are pushed to us as needed so that we are using the most current approved versions of software on our computers".

This cyberattack used a security hole that still exists for computers running older versions of Windows.

The spy agency reportedly knew about the theft of its cyberweapons arsenal, which was later allegedly leaked by the Shadow Brokers hacker group.

"The WannaCry attack is a wake-up call for all countries including India, which is at the cusp of digital revolution".

In just four days, the WannaCry ransomware reeled in enough money to buy 8,750 servings of avocado toast (or maybe a modest house, if you're into that sort of thing). Around 200,000 victims in 150 countries have been affected, according to European Union police force Europol, many of them businesses including major corporations such as Nissan, FedEx and Hitachi.

Instead of a red ransom note - the calling card of the massive WannaCry infection - this newly-discovered malware isn't noticeable, beyond making a computer run more slowly than usual.

The NSA told Microsoft about EternalBlue hack used in WannaCry