They’re calling it one of the biggest cyber attacks in history. Unprecedented in scale, Kaspersky Labs reports that some 45,000 devices have been compromised across 74 countries.
According to reports, America’s own National Security Agency (NSA) developed the very tools that have been used to break into computers around the world. The exploit, named “EternalBlue,” was released by a hacking group earlier this year and put up for sale.
It appears that someone took them up on the offer and is now using it to deliver Ransom Ware to target computers:
A hacking tool known as “eternal blue”, developed by US spies has been weaponised by the hackers to super-charge an existing form of ransomware known as WannaCry, three senior cyber security analysts said. Their reading of events was confirmed by western security officials who are still scrambling to contain the spread of the attack. The NSA’s eternal blue exploit allows the malware to spread through file-sharing protocols set up across organisations, many of which span the globe.
NHS hack: So NSA had secret backdoor into Windows. Details leaked few weeks ago. Now backdoor being exploited by random criminals. Nightmare
— Sam Coates Times (@SamCoatesTimes) May 12, 2017
Ransom Ware is designed to stealthily compromise a target system, and once deployed, immediately locks down files by encrypting so that only someone with the key is able to unlock them. In most cases, the virus requests that the user send a certain amount of money, often using untraceable digital currencies like Bitcoin to cover their tracks. Failure to pay within the allotted time will render the files on the target system unusable.
The latest hack shows just how vulnerable our systems are. And we’re not just talking about personal computers. Today’s attack targeted the health care system of Britain. Similar reports have emerged from Spain and other countries.
For the time being, systems related to utilities, law enforcement, power grids, and the energy sector have not been hijacked, but as we’ve previously warned these are exactly the networks that rogue terror groups and other organizations could compromise at any moment:
It now appears that our interconnected smart grid is actively under attack, as evidenced by a new Stuxnet-style trojan that has been detected by major cyber security leaders Symantec and McAfee. Much like its predecessor, the trojan dubbed “Duqu” is designed to infilitrate the networks that control everything from power production facilities to oil refineries. It is not yet clear exactly how the trojan operates, what its intended purpose is, or who designed it (though it is believed that the code for Duqu and Stuxnet likely originated with U.S. intelligence agencies). Both Symantec and McAfee continue to investigate the threat:
Security researchers have detected a new Trojan, scarily similar to the infamous Stuxnet worm, which could disrupt computers controlling power plants, oil refineries and other critical infrastructure networks.
Trojans and viruses capable of taking down the very infrastructure upon which we depend in day-to-day life are getting more and more advanced.
Now, those viruses combined with NSA Zero Day tools capable of breaking through digital security protocols could deliver a blow to America’s cyber networks unlike anything we’ve ever seen before. Th combination can be extremely disruptive, perhaps even deadly.
Today’s cyber attack is a warning.
The next one could quite literally take down our entire power grid, at which point everything from the banking system to your local gas station will become inoperable.
Within about 48 hours of that scenario, should officials not be able to restore electrical grid services, you can expect a full breakdown of civil society as you know it today:
After the initial shock wears off of the disaster, many will have difficulty in coping and adapting to what has just occurred. This is also what many refer to as the normalcy bias, and is actually a coping mechanism to help us process and deal with the changes that have occurred. Many will cling to any normal thought and habit until their brain begins to accept the changes it has witnessed. As they are trying to wrap their thoughts around the severity of the disaster, their losses and what their future holds, local government leaders are scrambling for answers and trying to assess the situation, all the while dealing with their own normalcy bias issues.
At this point, the unprepared survivors will be expecting organizations and local government to step in to meet their immediate needs at any moment. The reality of the situation becomes more bleak when they realize that due to downed power lines or debris blocking roadways and access points, emergency organizations, emergency response and distribution trucks supplying food, water, fuel and other pertinent resources will be unable to get to the area. Once the realization hits that resources are scarce and the government leaders are incapable of helping them in a timely fashion, desperate citizens will take action into their own hands.
The breakdown has begun.
Source: The Anatomy of a Breakdown
We realize that sounds dramatic and sensationalist, but don’t take it from us. The chairman of the House Committee on Homeland Security said just last year that U.S. cyber networks have already been compromised to such an extent that at any moment our stock exchanges, electrical utilities and other core nodes of the United States could be taken down for the count.
Further, former Department of Homeland Security head Janet Napolitano has not only warned of the imminence of a massive cyber attack, she also noted that it could take the government weeks to get it back online.
The outgoing Homeland Security Secretary has a warning for her successor: A massive and “serious” cyber attack on the U.S. homeland is coming, and a natural disaster — the likes of which the nation has never seen — is also likely on its way.
In the meantime, there will be no food on grocery store shelves and the modern conveniences you enjoy today – things like refrigeration, air conditioning and television – will be non-existent, which is why preparing ahead of a major disaster is absolutely critical to survival.
Today hackers took down government healthcare systems and other important infrastructure components across 74 countries.
Tomorrow it could be the U.S. power grid.