Yesterday, computers from Ukraine to USA were hit by a cyberattack which was similar to a recent assault that infected tens of thousands of machines internationally.
The ATMs in Kiev stopped working at once. Approximately 80 miles further, the computers also stopped working and the workers had to manually monitor the radiation at the old Chernobyl nuclear plant. At the same time, tech managers at international companies were scrambling to respond.
The cyberattack started spreading from the Ukrainian government and some business computer systems and caused collateral damage worldwide.
Probably, it was the most sophisticated one in a series of attacks using multiple hacking tools which were stolen from the National Security Agency and leaked online this April by the Shadow Brokers group.
Similarly to the WannaCry virus, the global hacking is capable of taking the users’ control on computers, demanding digital ransom from the victims.
According to Symantic researchers, apart from the Eternal Blue hacking tool which was used in the WannaCry campaigns, the latest cybetattack used two additional methods to promote its spread.
By now, the National Security Agency has not acknowledged that its tools were used in WannaCry or any other malware attacks, however, the security experts demand defense against the virus the agency had created.
“The N.S.A. needs to take a leadership role in working closely with security and operating system platform vendors such as Apple and Microsoft to address the plague that they’ve unleashed,” the global chief information officer at IDT, Golan Ben-Oni, said.
In April, the IDT conglomerate was hit by a separate cyberattack which used the National Security Agency’s hacking tools.
In March, Microsoft patched the Windows software vulnerability used by Eternal Blue, however, as the WannaCry attacks demonstrated, hundreds of thousands of groups worldwide were not able to install the fix properly.
“Just because you roll out a patch doesn’t mean it’ll be put in place quickly,” the vice president for security at Radware said. “The more bureaucratic an organization is, the higher chance it won’t have updated its software.”
According to F-Secure experts, due to the fact that during the latest attack the ransomware used at least two ways for distribution, including stealing the victims’ credentials, even the ones who used the Microsoft patch could be vulnerable and potential targets for future attacks.
A spokesman from Microsoft stated that their new antivirus software should protect systems properly.
