Unfortunately, widespread failure to download this patch in a timely manner led to the effectiveness of the WannaCry and NotPetya attacks.
Microsoft did release a patch for the exploits in March 2017, including one for Eternal Blue, but many companies and individuals failed to install it immediately. While the NSA has not acknowledged that their tools were used in recent cyber attacks, most digital experts (including Symantec) are saying that the NSA’s hacking tool, Eternal Blue, was used in the recent WannaCry and NotPetya ransomware attacks.
Various reasons exist for this, such as corporations and companies notoriously failing to install updates, the fact that business networks allow the malware to spread more effectively, and because many businesses and companies are more likely to pay the ransom to release their files or system. And, while individual consumers could be at risk, experts say the leaked tools are actually more targeted at enterprises and businesses.
The NSA exploits released all target a variety of Windows-based environments and operating systems, including Windows 7 and Windows 8. In other words, this means that common cyber thieves now have stronger, more malicious tools that can target and infect computers and networks with malware.īusinesses and Enterprises Are Most At-Risk When the Shadow Brokers dumped these Windows-based exploits online, they essentially put a “powerful nation state-level attack tool in the hands of anyone who wants to download it to start targeting servers,” said one security firm. These tools, called “exploits,” are software tools designed to take advantage of a flaw in a computer system, typically for malicious purposes, such as installing malware on a user’s device. In April 2017, a “collection of spy tools allegedly used by the National Security Agency” (NSA) were stolen and leaked online by a group of anonymous hackers calling themselves the Shadow Brokers.