Previous in Forum: Have Any of You Been Watching the Show Genius?   Next in Forum: 2004 Malibu Hunts for Correct Gear
Close

Comments Format:






Change Mode
Close

Subscribe to Discussion:

CR4 allows you to "subscribe" to a discussion
so that you can be notified of new comments to
the discussion via email.

Close

Rating Vote:







Add Vote
19 comments
Rate Comments: Nested
Andrew Westman
Guru

Join Date: Dec 2016
Posts: 2914
Good Answers: 115

Leaked NSA Tools Used in Global Cyberattack

05/12/2017 6:37 PM

From ABC News:

Companies around the world, including at least one major U.S. company, were hit by a sophisticated cyberattack on Friday that continues to sweep across the globe.

Cybersecurity experts told ABC News that the unidentified attackers exploited a vulnerability in Microsoft Windows that was identified by the U.S. National Security Agency (NSA) and leaked to the public by the hacker group The Shadow Brokers in April.

Microsoft released a patch to address the vulnerability, but networks that did not adopt it would have remained vulnerable. The tech company did not immediately respond to ABC News' request for comment.

“This appears to be the first incidence of the use of an NSA exploit in a broad and far reaching cybercriminal campaign,” John Bambenek of Fidelis Cybersecurity said.

According to Ryan Kalember, senior Vice President of cyber security strategy at the cybersecurity firm Proofpoint, a “ransomware worm” using the essentially unaltered NSA code is spreading across corporate networks in at least 74 countries, with European and Asian countries among the hardest hit. Russia, he said, was particularly vulnerable because many of its networks use older versions of Microsoft Windows.
Register to Reply
Interested in this topic? By joining CR4 you can "subscribe" to
this discussion and receive notification when new comments are added.

Good Answers:

These comments received enough positive votes to make them "good answers".

"Almost" Good Answers:

Check out these comments that don't yet have enough votes to be "official" good answers and, if you agree with them, vote them!
Kilowatt0
Guru

Join Date: Aug 2007
Location: Earth - I think.
Posts: 2143
Good Answers: 165
#1

Re: Leaked NSA Tools Used in Global Cyberattack

05/12/2017 9:14 PM

Welcome to my nightmare, Alice.

__________________
 TANSTAAFL (If you don't know what that means, Google it - yourself)
Register to Reply
Andrew Westman
Guru

Join Date: Dec 2016
Posts: 2914
Good Answers: 115
#2

Re: Leaked NSA Tools Used in Global Cyberattack

05/12/2017 10:34 PM

More details here ...
Register to Reply
TonyS
Guru
United Kingdom - Member - New Member

Join Date: Aug 2010
Location: Resting under the Major Oak
Posts: 4347
Good Answers: 181
#3

Re: Leaked NSA Tools Used in Global Cyberattack

05/13/2017 2:10 AM

The UK's health service has been hit.

__________________
 The reports of my death are greatly exaggerated.
Register to Reply
TonyS
Guru
United Kingdom - Member - New Member

Join Date: Aug 2010
Location: Resting under the Major Oak
Posts: 4347
Good Answers: 181
#4
In reply to #3

Re: Leaked NSA Tools Used in Global Cyberattack

05/14/2017 5:13 AM

Back up and running now

__________________
 The reports of my death are greatly exaggerated.
Register to Reply Score 1 for Good Answer
No more "Almost" Good Answers.
gnagy
Commentator

Join Date: Feb 2017
Posts: 69
Good Answers: 4
#5

Re: Leaked NSA Tools Used in Global Cyberattack

05/14/2017 9:35 AM

It's 2017. I'm sorry, but if you still use Microsoft Windows, you get what you deserve when (not if) you get hacked.
Register to Reply
2
Andrew Westman
Guru

Join Date: Dec 2016
Posts: 2914
Good Answers: 115
#7
In reply to #5

Re: Leaked NSA Tools Used in Global Cyberattack

05/14/2017 2:09 PM

Be realistic: switching to a different OS is expensive proposition - extremely expensive for large organisations. Not everyone has those funds just sitting around with nothing to do. Not only, but thousands of large-scale apps that don't have a non-Windows counterpart must be ported and debugged to work under the new OS. Then you have the learning curve of all the organisations' users and the lost productivity from that meanwhile. Very, very, very expensive. It's not just a matter of strolling down to the corner store and getting new stuff.

All operating systems are vulnerable to hacking. Microsoft issued a patch before this but not everybody updated their systems. *nix systems that aren't patched get hacked too. IOS gets hacked. Windows is a huge target. Smaller targets don't hacked as often because of the unfavourable risk/benefit ratio. You don't see ransomware hackers going after KolibriOS or Bada users, do you? What would be the point?

According to reports this was a leaked NSA tool and deployed in relatively unaltered form. Assuming it was unaltered, my question then becomes: Why is the NSA writing ransomware? Hacking into systems for intelligence purposes I can understand, but ransomware?
Register to Reply Good Answer (Score 2)
Go to Next Good Answer
2
StandardsGuy
Guru
Popular Science - Cosmology - Let's keep knowledge expanding Engineering Fields - Retired Engineers / Mentors - Hobbies - HAM Radio - New Member

Join Date: Dec 2006
Location: North America, Earth
Posts: 4528
Good Answers: 106
#8
In reply to #7

Re: Leaked NSA Tools Used in Global Cyberattack

05/14/2017 4:13 PM

I certainly hope the NSA is not writing ransomware, but nothing surprises me anymore. Somebody's got to pay for the promises Hillary made when she was campaigning.

__________________
 “I would rather have questions that can't be answered than answers that can't be questioned.” - Richard Feynman
Register to Reply Good Answer (Score 2)
Go to Next Good Answer
3
Kilowatt0
Guru

Join Date: Aug 2007
Location: Earth - I think.
Posts: 2143
Good Answers: 165
#9
In reply to #7

Re: Leaked NSA Tools Used in Global Cyberattack

05/14/2017 4:52 PM

"Why is the NSA writing ransomware?"

It isn't. Most likely they found an existing bug in the software, and wrote the code used to take advantage of the bug. This is the "attack vector" (to take access of, or deliver their own code), which is what the hackers used to deliver the "payload" (the ransomware).

So it (normally) comes down to 3 things: 1. Vulnerability 2. Exploiting the vulnerability to gain access 3. Delivery of that code that takes control/'eavesdrops'.

I took a DHS course on security for SCADA systems last year. By the end of the first day, I felt like I was wearing the "Emperors New Clothes" - at a gay bar.

__________________
 TANSTAAFL (If you don't know what that means, Google it - yourself)
Register to Reply Good Answer (Score 3)
No more Good Answers. Go to first "Almost" Good Answer
dkwarner
Guru

Join Date: May 2006
Location: Placerville, CA (38° 45N, 120° 47'W)
Posts: 6215
Good Answers: 248
#6

Re: Leaked NSA Tools Used in Global Cyberattack

05/14/2017 11:39 AM

A major reminder of the wisdom of maintaining multiple and frequent backups, some of which are NOT continuously connected to the computer being backed up, or to its network.

__________________
 Teaching is a great experience, but there is no better teacher than experience.
Register to Reply
Tom_Consulting
Guru
Popular Science - Weaponology - New Member Fans of Old Computers - PDP 11 - New Member Technical Fields - Architecture - New Member Hobbies - HAM Radio - New Member

Join Date: Oct 2009
Location: Maine, USA
Posts: 2168
Good Answers: 71
#10

Re: Leaked NSA Tools Used in Global Cyberattack

05/14/2017 7:00 PM

I'm amazed that no-one has yet to describe the method, with an example, of how the systems got infected. If it's via a phishing e-mail, show an example so non-PC adept people can be alert to it.

__________________
 Tom - "Hoping my ship will come in before the dock rots!"
Register to Reply
Andrew Westman
Guru

Join Date: Dec 2016
Posts: 2914
Good Answers: 115
#11
In reply to #10

Re: Leaked NSA Tools Used in Global Cyberattack

05/14/2017 7:55 PM

The news outlets have not given out an example.
Register to Reply
Andrew Westman
Guru

Join Date: Dec 2016
Posts: 2914
Good Answers: 115
#12
In reply to #10

Re: Leaked NSA Tools Used in Global Cyberattack

05/14/2017 11:19 PM

A Google search reveals that quite a few outlets have published examples/descriptions of how WANNACRY works.

One of the more technically-detailed analyses can be found here.
Register to Reply
greeksurfer
Member

Join Date: May 2017
Posts: 6
#13

Re: Leaked NSA Tools Used in Global Cyberattack

05/15/2017 5:42 PM

Do you think this is only the beginning?

It's bad enough that this hit hospitals, but it could've been seriously worse. With networks as large as they are nowadays and with vulnerable PCs and such out there -- I feel like it's only a matter of time before a power facility gets hit and all hell breaks loose at numerous critical infrastructure facilities.

I sincerely hope I'm wrong - but it does feel like it's inevitable at this point.
Register to Reply
Andrew Westman
Guru

Join Date: Dec 2016
Posts: 2914
Good Answers: 115
#14
In reply to #13

Re: Leaked NSA Tools Used in Global Cyberattack

05/15/2017 6:09 PM

"Do you think this is only the beginning?"

Is this a rhetorical question or are you asking me specifically?
Register to Reply
greeksurfer
Member

Join Date: May 2017
Posts: 6
#15

Re: Leaked NSA Tools Used in Global Cyberattack

05/15/2017 6:12 PM

Asking you & the community, generally on the topic, for thoughts on what the future holds.
Register to Reply
Andrew Westman
Guru

Join Date: Dec 2016
Posts: 2914
Good Answers: 115
#16
In reply to #15

Re: Leaked NSA Tools Used in Global Cyberattack

05/15/2017 8:31 PM

It'll get worse, much worse with the hordes of IoT devices coming online with the usual lack of security precautions. Botnets will have a bloody field day.
Register to Reply
dkwarner
Guru

Join Date: May 2006
Location: Placerville, CA (38° 45N, 120° 47'W)
Posts: 6215
Good Answers: 248
#17
In reply to #16

Re: Leaked NSA Tools Used in Global Cyberattack

05/15/2017 8:38 PM

I totally agree!

...and welcome to CR4, greeksurfer.

__________________
 Teaching is a great experience, but there is no better teacher than experience.
Register to Reply
greeksurfer
Member

Join Date: May 2017
Posts: 6
#18
In reply to #17

Re: Leaked NSA Tools Used in Global Cyberattack

05/15/2017 9:35 PM

Thanks! Still getting used to the format (my apologies Andrew if my reply was confusing because I replied directly to the first post). Pretty cool forums! Excited to be here.
Register to Reply
Andrew Westman
Guru

Join Date: Dec 2016
Posts: 2914
Good Answers: 115
#19
In reply to #18

Re: Leaked NSA Tools Used in Global Cyberattack

05/15/2017 9:49 PM

You're just seeing the demo version, mate. Wait til the Devil says "Back on your heads!"

Register to Reply
Register to Reply
Have a Different Question?
19 comments

Good Answers:

These comments received enough positive votes to make them "good answers".

"Almost" Good Answers:

Check out these comments that don't yet have enough votes to be "official" good answers and, if you agree with them, vote them!
Copy to Clipboard

Users who posted comments:

Andrew Westman (7); dkwarner (2); gnagy (1); greeksurfer (3); Kilowatt0 (2); StandardsGuy (1); Tom_Consulting (1); TonyS (2)

Previous in Forum: Have Any of You Been Watching the Show Genius?   Next in Forum: 2004 Malibu Hunts for Correct Gear

Advertisement

Got Something to Say?
Ask a Question
Start a Discussion

Search this Forum
General Discussion:
Go

CR4 Sections
Aerospace
BioMech & BioMed
Chemical & Material Science
Civil Engineering
Communications & Electronics
Education and Engineering Careers
Electrical Engineering
General Discussion
Instrumentation
Manufacturing
Mechanical Engineering
New Technologies & Research
Software & Programming
Sustainable Engineering
Transportation

Site Directories
Forum Directory
Blog Directory
User Group Directory
RSS Feeds

CR4 Rules of Conduct
CR4 FAQ
Site Glossary

Who's Online (66 right now)
Show Members
Advertisement