A KnowBe4’s blog post yesterday disclosed that the hacking group called Shadow Brokers, responsible for leaking the NSA’s zero-day exploit resulting in the infamous WanaCry Ransomware global attack, threatened to release even more NSA exploits that could potentially cause more damage.
Shadow Brokers announced that starting next month, they will make more stolen NSA-weaponized bugs available on a monthly subscription basis to anyone willing to pay for them. As the KnowBe4 blog post points out, cyber-criminals will now get these zero-day exploits and use them before patches and fixes can be created to stop them.
Previously, the Shadow Brokers crime organization put up various stolen NSA bugs for sale with prices ranging between $780 to $78,000.
WanaCry ransomware affected 150 countries and disrupted the operations of 45 hospitals in the U.K. It spread rapidly because the malware exploited a Windows vulnerability involving the Server Message Block (SMB) which is the protocol that the Operating System uses to read/write files and request services from server programs within a network. Once Wanacry infects one machine within a network, it attempts to spread to other machines over the same network by scanning for unpatched PCs having the SMB vulnerability.
This latest attack was made possible because many companies and individuals operate without regularly updating and patching their Operating System. Additionally, many around the globe are still using Windows XP which has been unsupported by Microsoft since April 8, 2014.
To avoid becoming a victim, businesses and people alike need to be very careful on clicking links and/or opening attachments in unsolicited emails; keep your Operating System and third-party software patched and updated; and always backup your files, preferably using a Hybrid-cloud Business Continuity solution.
XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions whose systems protect 250+ Petabytes of data with over 800 employees around the globe. Call (845) 362-9675 and let us introduce you to the ultimate defense against data loss—whatever the cause.