Almost three weeks after WannaCry heist, the question about who is behind the attack is yet to be answered. Regardless of who did it, the truth is that if you managed not to be impacted by the ransomware storm that hit 150+ countries and, allegedly, 200 thousand to 1 million devices, congratulations!
That is because you will most likely find yourself falling in one of the three categories: either you have responsibly installed all the patches recommended by Microsoft Corp. after acquiring a brand new license of Windows 10 or maybe you are just lucky and you do not have a Windows device or perhaps, you just turned your computer on and this is the last thing you will do online before a ransomware message pops on your screen.
Hopefully, you are still reading this post and I suspect you must feel a sense of well-deserved relief right now. Well, don’t tap yourself in the back, Sherlock. As a messenger, I would like to remind you that you are still on the hook, at least for the next 6.9 years, which apparently is the average life expectancy of a vulnerability. In other words, the zero-day that haunted half of the known world last month may harm unprotected systems for the next 7 years. So cherish the moment, because on May,15th another zero day exploit, supposedly one more out of NSA's vault, known as EsteemAudit , was made available to hackers in the dark web. Differently from Eternal Blue’s based WannaCry, there are no patches available and it is estimated that 24.000 computers are vulnerable.
If the average life cycle of releasing the exploit and the effective attack is confirmed once again, it takes around 22 days to trigger a cyberattack after the exploit was made public, which means that June, 06th may be a day to watch. But apparently this will be last time you will have to count the days, thanks to the subscription service that Shadow Brokers, the anonymous organization behind the public availability of these exploits. Yes, you got it right. Even Shadow Brokers are trying to establish recurring sources of revenue. and anyone with approximately USD 21,000 per month in zCash to invest, may join the community and have access to first releases, which are promised to include exploits for operating systems, including Windows 10; exploits for web browsers, routers, and smartphones; compromised data from banks and Swift providers; stolen network information from Russian, Chinese, Iranian, and North Korean nuclear missile programs. The wonders of a platform economy and more over, a clear illustration of how power has been rebalanced lately.
Good old times (well, not that good) when the definition of enemies and allies were clear, times when friends and foes were named and the power was defined by the military forces a given nation possessed. Today, the threat is faceless, flagless, unpredictable. Anybody can join the battle. From any side. For good and for bad. But before I delve further into this, let me stop and leave the democratization of war for a future post.
For now, best of luck next week! Who knows what will be waiting for you when you come back online. The clock is ticking.
MR