The return of EternalBlue; or was it ever vanguished?


EternalBlue is a cyberattack exploit apparently developed by the U.S. National Security Agency (NSA). Various version had it that the exploit was leaked by the Shadow Brokers hacker group on April 14, 2017. EternalBlue exploits a vulnerability in Microsoft's implementation of the  Server Message Block (SMB) protocol. 


Before it leaked, EternalBlue was one of the most useful exploits in the N.S.A’s cyber arsenal. Since that leak, foreign intelligence agencies and rogue actors have used EternalBlue to spread malware that has paralyzed hospitals, airports, rail and shipping operators, ATMs and factories that produce critical vaccines. 


It gained worldwide fame on 12 May 2017 as a result of the worldwide WannaCry ransomware attack. The exploit was also used to help carry out the NotPetya cyber attack on June 27, 2017. The general public worldwide assumed that with the 'stopping off' of the WannaCry virus by Marcus Hutchins (our posting titled `Parallel life of a White Hat and Black Hat, May 10, 2019'), the virus would no longer posed any threats to us.


How wrong we are. 


Now the tool is hitting the United States where it is most vulnerable, in local governments with aging digital infrastructure and fewer resources to defend themselves. The EternalBlue attacks have reached a high and cybercriminals zeroed in on vulnerable American towns and cities, from Pennsylvania to Texas, paralyzing local governments and driving up costs. 


The attacks paralysed most of the local government's operations and it was plainly for monetary benefits. Using broken english, the ransomware demands for monies from the local governments for the systems and networks to be restored. Public officials did not comply and operations at the cities that were hit were grounded and unable to proceed.


This is a wake up call for our public sector and those organisations who are still using legacy software. Your network and system, majority of which, are operating on software that are at least more than 10 years old just like what the city councils and municipal offices in the cities in the US are using currently. Our public sector is still ill-equipped and lack the necessary manpower and skillsets to be able to defend a crippling action like what is happening to the cities in US presently.

CALL US

Tel: +603-9171 1562 

Fax: +603-9173 7600

HOURS

Mon - Fri: 9am to 6pm

MEMBER OF SYSTECH BHD
OUR SERVICES

Copyright © 2019 SysArmy Sdn Bhd (1122083-K)