WannaCrypt0: The Great Cyber Brush Fire
RansomWare: A New Threat
When WikiLeaks published Vault 7, it became crystal clear what sort of threats existed on the digital front and what sort of attack vectors the CIA had developed; the Shadow Brokers' dump of NSA tooling a few weeks later showed the same for the NSA.
Frankly, it became clear that any device connected to a network (and some that aren't) can be compromised and used as an asset for any number of malicious purposes.
In the past few years, we saw the rise of ransomware: malware that encrypts a user's files and threatens to throw away the key unless an actual ransom is sent to a Bitcoin address.
Last week, we saw WannaCrypt (or, aptly, WannaCry) spread across the globe and rapidly shut down a number of systems, including a good deal of the British National Health Service. Despite this post's title, the exploit it carries is not from Vault 7: it spreads with EternalBlue, the NSA's SMBv1 exploit published by the Shadow Brokers in April, for which Microsoft had already shipped the MS17-010 patch in March. The map of infected systems looks like a very ugly threat board.
On Friday, a white hat found a piece of code that pointed to an obscure unregistered domain. He purchased the domain and new infections stopped, because the worm checks whether that domain can be reached before it goes any further and exits if it can. The catch: machines that were already encrypted get nothing back, and hosts whose outbound web traffic only works through a proxy still fail the check, so the 'kill switch' is no substitute for patching.
A report came out today saying that many Asian companies will likely be hit hard by this ransomware when staff get back from the weekend. WannaCry spreads on its own over SMB once it is inside a network, so if the IT department isn't on top of things, one unpatched machine, or one click on the wrong email, could put the company's data on lock-down.
Like most things in nature, this runs in cycles, some more definable than others.
In the woods, it's common for a bolt of lightning to hit a tree and set it on fire, causing a chain reaction that spreads as quickly as the land around it will allow. If the land is full of dead, dry grasses and woods, you can expect an enormous brush fire to develop and consume almost anything in its path.
In business, there's no shortage of outdated IT infrastructure that organizations have been running for years beyond the point where anyone with a shred of InfoSec knowledge would consider it 'wise'.
I think we're seeing the start of a gigantic Cyber Brush Fire.
All of these systems are running old, outdated operating systems, as vulnerable as an enormous pile of leaves in the face of a firestorm. Still running Windows XP to manage your national health care system? Perhaps you should upgrade at some point. Have you considered using something that doesn't suck?
Ironically, all of these organizations dragging their digital feet and making the lives of their employees miserable (I've been in the military, I know this first hand) are now facing a threat from the future demanding payment in a digital currency running on the back of a technology that quite literally gives the middle finger to centralized information systems.
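Before telling anyone to upgrade, it helps to know whether a given box is actually exposed. The script below is an added example, not code from the original post: run elevated in Windows PowerShell on Windows 8 / Server 2012 or later, it reports whether the SMBv1 server that EternalBlue targets is still enabled, whether any update has been installed since Microsoft shipped MS17-010 on 14 March 2017 (a coarse stand-in for checking the exact MS17-010 KB for your OS), and whether TCP 445 is listening. The registry fallback is for older hosts that lack the SMB cmdlets; the remediation lines at the end are left commented out on purpose.

```powershell
# Added example: triage one Windows host for the SMBv1 / MS17-010 exposure WannaCry uses.
# Assumes Windows 8 / Server 2012 or later (Get-SmbServerConfiguration, Get-NetTCPConnection),
# with a registry fallback for Windows 7 / 2008 R2. Run elevated. Not code from the original post.

$report = [ordered]@{}

# 1. Is the SMBv1 server still enabled?
if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
    $report['SMB1Enabled'] = (Get-SmbServerConfiguration).EnableSMB1Protocol
} else {
    # Older hosts: the LanmanServer SMB1 value is authoritative. A missing value means enabled (the default).
    $v = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters' `
                          -Name SMB1 -ErrorAction SilentlyContinue
    $report['SMB1Enabled'] = ($null -eq $v) -or ($v.SMB1 -ne 0)
}

# 2. Has anything been installed since MS17-010 shipped (14 March 2017)?
#    Coarse check: confirm the specific MS17-010 KB for this OS against the bulletin.
$cutoff = Get-Date '2017-03-14'
$recent = @(Get-HotFix | Where-Object { $_.InstalledOn -and $_.InstalledOn -ge $cutoff })
$report['UpdatesSinceMS17-010'] = $recent.Count
$report['MostRecentHotFix']     = ($recent | Sort-Object InstalledOn -Descending | Select-Object -First 1).HotFixID

# 3. Is TCP 445 listening, i.e. reachable by a worm on the same network?
$report['Port445Listening'] = [bool](Get-NetTCPConnection -LocalPort 445 -State Listen -ErrorAction SilentlyContinue)

[pscustomobject]$report | Format-List

# Remediation, once you have confirmed nothing legacy still needs SMBv1:
# Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
# Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart
```

A host that reports SMB1Enabled True, zero updates since the cutoff and port 445 listening is exactly the dry tinder this post is talking about; the first two lines of the remediation section close the hole even before the patch window opens.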
It would be funny if there weren't lives at risk, but admittedly, viewing this threat through the 'brush fire' paradigm has been a bit of a silver lining.
While there is always the possibility of a catastrophic global IT infrastructure failure, there WILL be good that comes from this:
- People will become aware that governments all over the globe have been producing and have access to malware that allows near limitless access to almost all devices
- People will continue asking "What is a bitcoin and why should I care?" leading them down a 'path of redpills'
- Old operating systems will be swept away into dust
- People will begin to question whether or not their devices/operating systems are compromised by zero-day access
- Most importantly, people will ask WHY their devices are compromised and to what end
As always, interesting roads ahead, particularly for anyone who pays attention.
Should be an interesting Monday if whoever is behind this ships a variant without the kill-switch check and continues the attacks.
More people need to take the time to read, and write, these types of posts.
Thanks!
Agree. I think we've got to get the idea that privacy is a commons accepted. I thought it was a little over the top when I first heard about it, but as we venture further into a world where digital security matters more and more, taking the basic steps is essential. Keep 'em coming!
The worst part about knowing more in this field is that you can get really fucking paranoid.
Anytime I have issues with devices that can't be fixed beyond a few simple layers of solutions, I can't help but wonder what's happening that I can't see. Argh.
Hmmm, I'm not there yet but I can totally see how that could be a normal reaction. I DO get frustrated when the ol' "hard reset" doesn't work though. :) To security AND peace of mind!