Hack Naked News #131
Recorded June 28, 2017 at G-Unit Studios in Rhode Island!
- http://thehackernews.com/2017/06/shadowbrokers-nsa-hacker.html -- Shadowbrokers continue their exploits by planning to dox a hacker who worked for the NSA. They also keep reasing the price for subscriptions.
- http://thehackernews.com/2017/06/wikileaks-cia-malware-geolocation.html ELSA, basically uses local hotspots to determine the location of the laptop and then stores that information. Even without an internet connection it's still using wifi to try and determine the loations of the device. Serious spy stuff. Bond has to go in and retreive the laptop later.
- http://www.cio.com/article/2371547/security0/dod-networks-completely-compromised--experts-say.html -- Way back! You were warned in this oped from 2012. The DoD can't protect it's networks because it uses an all or nothing type approach.
- https://news.slashdot.org/story/17/06/27/2017204/britains-newest-warship-runs-windows-xp-raising-cyber-attack-fears -- So, what happens when your really expensive military equipment runs Windows XP? C'mon, really. What's next tanks using Windows Me. Don't be shocked. Military design projects take years (lots of years) to complete and everthing has to be speced YEARS ago. Change the spec, start over.
- https://it.slashdot.org/story/17/06/27/2040254/hacker-behind-massive-ransomware-outbreak-cant-get-emails-from-victims-who-paid -- Wow, now I can't even pay the guy to get the key.
- https://it.slashdot.org/story/17/06/27/192223/heritage-valley-health-system-target-of-cyber-attack -- This healthcare operation in PA confirmed they were indeed hit with Petya yesterday.
- https://www.nytimes.com/2017/06/22/technology/ransomware-attack-nsa-cyberweapons.html?action=click&contentCollection=Technology&module=RelatedCoverage®ion=Marginalia&pgtype=article -- When Petya isn't enough, use Double Pulsar. Cover up your exploits with ransomware afterthoughts.
Expert Commentary: Jason Wood, Paladin Security
When nations' offensive technical strengths meet their defensive weaknesses
Basically, the countries around the world are getting (or have) themselves in position to cause major disruptions of enemy/adversary countries. The USA is doing it, Russia is doing it, China is right there along with up and coming players like Iran and North Korea. You can also include the UK, France, etc. Add in to that mix, a number of tools used by the USA have been released publicly and are being used by ransomware crews. The latest outbreak of ransomware using those tools have kicked off today. In short, it's a big ugly mess.
If one country decides to unload their attacks on another and that country decides to respond in kind, it could very messy very fast. It appears that the USA and Russia could cause some major mayhem if they decided to. We depend heavily on our computer and network systems for pretty much everything. Buying food, getting gas, having power at home, etc. If the current vulnerabilities in the systems we have weren't enough, we continue to race to put more things online and in control of more things we want or need. What happens when someone lights a match in the right place at the wrong time?
The major take away that I have is that we need to be prepared for things to start breaking on us at some point. That includes tested backup and recovery processes, basic security hygiene being performed, and getting rid of the idea that "it can't happen to use because we [are too small | don't have anything interesting ] and it's too expensive anyways. We can't control what occurs in the Kremlin or in Washington DC. What we can control is what we are doing in our own organizations and homes.
Source articles: How an entire nation became Russia's test lab for cyberwar https://www.wired.com/story/russian-hackers-attack-ukraine
Senators push Trump for answers on power grid malware attack https://www.wired.com/story/congress-trump-power-grid-malware-letter
Obama reportedly ordered implants to be deployed in key Russian networks https://arstechnica.com/tech-policy/2017/06/obama-reportedly-ordered-hacking-operation-targeting-key-russian-networks/