rashbre central: if block systems then block chain; #malware #eternalblue #killswitch

Friday 12 May 2017



The despicable cyber attacks on the NHS as well as Telefónica in Spain and other companies are still very active. Some, like Iberdrola and Vodafone Spain, have simply told employees to switch off their computers.

There's advice about restoring from backups, although there's a challenge with this because some of the Wana/Wanna type viruses used can lie dormant until invoked. Therefore a backup could already have been compromised.

This is somewhat akin to the olden days of burglary of VHS recorders, which would be stolen, replaced on insurance and then stolen again.

It is also annoying that one needs to buy all kinds of extra software and beefier hardware simply to provide the cyber protection, using extra disks and CPU cycles just to run the protection.

Add in that part of the SMB file-sharing exploit used is from a US NSA 'weaponised' malware called EternalBlue, somehow 'stolen' by ShadowBrokers, a malware brokerage.

That the most secure American organisation (National Security Administration) could be subject to theft from one of its most clandestine areas (Office of Tailored Access Operations, TAO) and of some of its most malevolent software is also noteworthy, yet goes mainly uncommented. As is the possibility that NSA worked with another party, such as Equation Group, who are known for their very strong crypto?

Then there's the related demand to use Bitcoin to pay the ransom, illustrating that this open-source, anonymous, blockchain-based cryptocurrency is becoming the cash-substitute of choice for organised crime.

There's also a weird circle in all of this.

Cyber encryption to make cyber currency like Bitcoin. Cyber encryption to create a ransom-able computer.

Viral spreading of the Bitcoin message. Viral spreading of the ransomware.

Even payment in Bitcoin to scan online advert streams (i.e. to look like hits). Oh, and to buy dubious products anonymously.

There's a whole circle of dark and uncommented monetisation occurring at a rather organised level.
