Article: Bad Rabbit Used Pilfered NSA Exploit
By: Kelly Jackson Higgins
Date Published: 10/26/2017
In one of the most recent articles posted onto darkreading.com, Kelly Higgins talks about the most recent ransomware that is working its way around Europe and some neighboring countries. This ransomware was nicknamed the Bad Rabbit and has "hit hundreds of government, media, transportation and other targets in 15 nations." The recent attacks have left many companies and organizations analyzing their systems and trying to find and fix their code to try to prevent similar attacks in the future. However, some of the newer news that has come out is that part of the code used to help spread the ransomware came from data stolen from the NSA. This information was dug up by reverse engineers while they were analyzing the malware.
It is believed that along with the data stolen from the NSA, the ransomware also spread due to the use of EternalRomance code which creates "an exploit that bypasses security over Server Message Block(SMB) file-sharing connections." This ransomware showed up "disguised as an Adobe Flash update" and once the ransomware was on a system, it worked on spreading to other systems over different networks. Other than this current update, the public has not learned anything new since it first hit different companies.
I found this article very interesting with the update that data stolen from the NSA helped to generate the spread of this ransomware. I believe that the general public just needs to stay aware of what is happening in the news with any new data breaches or malware spreading in the public and private sector. Hopefully, as we continue to get hit by all of these different types of malware, computer security experts are constantly working on improving code to allow the systems to evolve with the malware. Along with this, I believe that governments need to set certain regulations in place for companies and how they secure their systems. The best way for the public to stay updated on this topic as more information gets released to the public is through frequently checking reliable news sources.
Article: https://www.darkreading.com/vulnerabilities---threats/bad-rabbit-used-pilfered-nsa-exploit-/d/d-id/1330237?
Second paragraph quotes & image
: https://arstechnica.com/information-technology/2017/10/bad-rabbit-used-nsa-eternalromance-exploit-to-spread-researchers-say/
By: Kelly Jackson Higgins
Date Published: 10/26/2017
It is believed that along with the data stolen from the NSA, the ransomware also spread due to the use of EternalRomance code which creates "an exploit that bypasses security over Server Message Block(SMB) file-sharing connections." This ransomware showed up "disguised as an Adobe Flash update" and once the ransomware was on a system, it worked on spreading to other systems over different networks. Other than this current update, the public has not learned anything new since it first hit different companies.
I found this article very interesting with the update that data stolen from the NSA helped to generate the spread of this ransomware. I believe that the general public just needs to stay aware of what is happening in the news with any new data breaches or malware spreading in the public and private sector. Hopefully, as we continue to get hit by all of these different types of malware, computer security experts are constantly working on improving code to allow the systems to evolve with the malware. Along with this, I believe that governments need to set certain regulations in place for companies and how they secure their systems. The best way for the public to stay updated on this topic as more information gets released to the public is through frequently checking reliable news sources.
Article: https://www.darkreading.com/vulnerabilities---threats/bad-rabbit-used-pilfered-nsa-exploit-/d/d-id/1330237?
Second paragraph quotes & image
: https://arstechnica.com/information-technology/2017/10/bad-rabbit-used-nsa-eternalromance-exploit-to-spread-researchers-say/
Comments
Post a Comment