Experts fear further waves of cyber attacks may be on the way, as criminals race to re-purpose hacking tools that were stolen from the US National Security Agency and leaked last month.
After WannaCry, a ransomware program based on the leaked NSA exploit EternalBlue that hit hundreds of thousands of machines last week, criminals have adapted another NSA tool called EsteemAudit, security analysts tell the Financial Times.
EternalBlue and EsteemAudit are among several zero-day exploits released last month by a group calling itself the Shadow Brokers, although EternalBlue is believed to be the most powerful among them.
EsteemAudit takes advantage of a vulnerability in Microsoft’s Remote Desktop Protocol in Windows 2003 and Windows XP, allowing an attacker to install and execute malicious code, according to an analysis by Fortinet
Microsoft, which no longer supports those versions of Windows, says that the vulnerability does not affect anyone using Windows 7 or any more recent version of the operating system.
The unprecedented WannaCry global cyber attack beginning on Friday has unleashed a new wave of criticism directed at the NSA.
Microsoft Corp President Brad Smith sharply criticized the US government on Sunday for ‘stockpiling’ software flaws that it often cannot protect, citing recent leaks of both NSA and CIA hacking tools.
‘Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage,’ Smith wrote in a blog post.
‘An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen.’
Some major technology companies, including Google and Facebook, declined comment on the Microsoft statement.
But some other technology industry executives said privately that it reflected a widely held view in Silicon Valley that the US government is too willing to jeopardize internet security in order to preserve offensive cyber capabilities.
The NSA did not respond to requests for comment.
The NSA and other intelligence services generally aim to balance disclosing software flaws they unearth against keeping them secret for espionage and cyber warfare purposes.
On Monday, senior administration officials defended the government’s handling of software flaws, without confirming the NSA link to WannaCry, the tool used in the global ransomware attack.
‘The United States, more than probably any other country, is extremely careful with their processes about how they handle any vulnerabilities that they’re aware of,’ Tom Bossert, the White House homeland security adviser, said at a press briefing on Monday.
Source: Hackers have adapted another NSA cyber weapon, EsteemAudit | Daily Mail Online
No comments:
Post a Comment