openPR Logo
Press release

WannaCry might be the tip of the iceberg

06-06-2017 04:18 PM CET | IT, New Media & Software

Press release from: OAK Consulting FZC

Rick Holland, Vice President, Strategy, Digital Shadows

Rick Holland, Vice President, Strategy, Digital Shadows

Comment Article by Rick Holland, Vice President, Strategy, Digital Shadows

The attack on 200,000 plus computers across more than 120 countries around the world by the WannaCry ransomware certainly got the attention of governments, media, consumers and law enforcement. But the actual impact could have been so much worse.

Much ink is still being expended trying to determine who was responsible and what their motives were and many believe this might have been the act of inexperienced hackers who lost control of their creation. Certainly, at the time of writing, none of the ransom has been collected from the bitcoin accounts victims were encouraged to send their money too.

But while WannaCry could have been so much worse in impact, what is clear is that the base exploit code it uses was part of a batch stolen by Shadow Brokers in April 2017 from the US National Security Agency’s (NSA) Equation Group and potentially last month’s attack could be just the tip of the iceberg.

Earlier in May 2017 CERT EU (The EU’s Computer Emergency Response Team) reported on a worm identified in the wild which has reportedly spread using exploit code leaked by Shadow Brokers in a similar fashion to WannaCry. CERT EU referred to this malware as "BlueDoom", but its internal name was reportedly "EternalRocks".

In addition to the EternalBlue Server Message Block (SMB) exploit used by WannaCry, EnternalRocks has reportedly also employed at least three additional exploits leaked by the Shadow Brokers: EternalChampion, EternalRomance and EternalSynergy as part of its propagation process.

All three of these exploits were developed to target SMB remote code execution vulnerabilities in Windows XP, all of which were patched in Microsoft's Apr 2017 MS17-010 release. However, unlike WannaCry, following a successful exploitation and subsequent deployment of the DOUBLEPULSAR backdoor on an infected machine the malware has reportedly not deployed any additional payload.

Why no payload is being deployed is unclear but we can speculate that EternalRocks was likely intended to be used to establish a presence on a large number of machines in order to facilitate the deployment of second-stage payloads sometime later. What that payload might be and what its function is are not clear and it remains to be seen how the actors responsible for developing this worm will exploit their access to infected machines.

What is clear is that this development highlights that the Eternal suite of Equation Group exploits and other technical assets leaked by the Shadow Brokers will almost certainly continue to pose a threat beyond WannaCry. Users and organizations which have not already implemented the relevant Microsoft patches and mitigations on the back of EternalBlue are advised to do so quickly.

Digital Shadows provides insight into an organization’s external digital risks and the threat actors targeting them. The Digital Shadows SearchLight™ service combines scalable data analytics with human analysts to monitor for cyber threats, data leakage, and reputation risks. Digital Shadows continually monitors the Internet across the visible, deep and dark web, as well as other online sources to create an up-to-the minute view of an organization and provide it with tailored threat intelligence. The company is jointly headquartered in London and San Francisco. For more information, visit www.digitalshadows.com.

Conrad Offices, 19th Floor
Sheikh Zayed Rod, Dubai

This release was published on openPR.

Permanent link to this press release:

Copy
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.

You can edit or delete your press release WannaCry might be the tip of the iceberg here

News-ID: 565155 • Views:

More Releases from OAK Consulting FZC

FarEye launches its Delivery Experience Suite – ‘Delight’
Dubai, United Arab Emirates, July 5, 2018: FarEye, a leading global digital logistics platform today announced the launch of its Delivery Experience Suite – ‘Delight’ that helps businesses increase their Delivery Happiness Score – the ultimate measure of customer success. It enables businesses to provide a seamless and personalized experience to the customers. FarEye is a leader in B2C logistics technology and is widely used by global giants like Walmart, DHL,
FarEye expands its footprint in the European market with the launch of its regio …
Dubai, United Arab Emirates, June 24, 2018: FarEye, a leading global digital logistics platform, today announced the opening of its first European office in the heart of London with an aim to expand its business foothold in the region and to serve its customers directly. With a total of 6 corporate offices in India, Dubai and Singapore, FarEye currently serves customers in over 20 countries. FarEye has revolutionized the logistics
Digital Shadows announces its Digital Risk Management Technology Ecosystem
Digital Shadows announces its Digital Risk Management Technology Ecosystem
Dubai, UAE, October 24, 2017 – Digital Shadows, the industry leader in digital risk management, today announced the launch of its Digital Risk Management Technology Ecosystem. Formed from almost a dozen technology companies, with more expected to join in the coming months, they all share a vision for how security analytics and security information and event management (SIEM), product orchestration and automation, risk & compliance, intelligence and network enforcement, must
Ring partners with Al Jammaz to provide smart home security for Saudi Arabia
Riyadh, Saudi Arabia – October 18, 2017: Ring, the leader in smart home security recently announced a partnership agreement with Al Jammaz Distribution, the leading Saudi based Value-Added Distributor, which distributes advanced technology products, solutions and services. This partnership will help Ring foray and expand its reach across the Saudi market offering customers Ring’s innovative home security products and solutions. “Ring believes in keeping homes and communities safe rather than

All 5 Releases


More Releases for Shadow

New Technology for Instant Shadow IT Discovery
Scirge (https://scirge.com) has recently launched its landmark product line allowing organizations to quickly assess their cloud presence, including SaaS applications, unmanaged supply chains, and other web-based services. Third-party cloud solutions, SaaS, and other web-based services that are emerging across business units are vital in keeping business operations and processes agile. However, technical debt and unmanaged access rights to these services create an unmanaged risk for compliance and the potential for credential-related
Shadow x Drone review 2022: Truth About Shadow x Drone Uk
INTRODUCTION TO SHADOW X DRONE UK Shadow x Drone is one of the newest additions in the drone industry. Without doubt, the market is expanding day by day and there's no sign of stopping for a moment. Simply put, the needs for drones can never be over emphasized. Starting from taking beautiful pictures, recording quality videos to a means of having fun. Taking quality pictures has been a challenging task most especially
Shadow X Drone Reviews 2021: (Must Read!) Shadow X Drone unrevealed truth.
Have you always wanted to know what it felt like to know how your home looks like from the sky? Drones help you play the powerful roles of pilots even when you’re scared of heights. Shadow X Drone the best option for you. Go through this Shadow X Drone Review and see hidden facts that makes this drone special. People out there get drones for different reasons. Some because they
Shadow Banking Market Rewriting it's Growth Cycle
A new market study on Global Shadow Banking Market with 100+ market data Tables, Pie Chart & Graphs is released that will provide complete assessment of the Market and covers evolving trends, current scenario analysis and growth factors, and industry validated market data. The research study provides market breakdown by revenue and volume (if applicable) and price history estimates for Global Shadow Banking. Some are the key players from the
Robotics Prosthetics Market Prominence to 2027 – by HDT Global, SynTouch Inc., …
Market Research Future published a research report Global Robotics Prosthetics Market and Forecast of Global Market 2018. The report begins with the overview of Industry structure, and describes industry environment, then analyses market size, share and forecast up to 2027. Report also gives in-depth qualitative observations, historical data, and identifiable projections about market. Robotics Prosthetics Market – Scenario The market is expected to show extensive growth in Asia Pacific regions, especially
Shadow Banking market
The market study, World Shadow Banking Market Size, Status and Forecast 2022, has been compiled by industry experts and is based on a comprehensive analysis of the Shadow Banking market in the world. The geographical distribution and various segments of the Shadow Banking market are extensively studied in this report. For this report, the Shadow Banking market value is provided for 2016 in USD millions, an expected CAGR % as well