The WannaCry ransomware attack was created by hacking amatures who copied from a famous hacker group known as the shadow brokers. While WannaCry is no longer a threat with the latest security update, a recent announcment shows that the hacker group is going to continue to release dangerous security exploits for anyone to use, at the right price.
Who are the ShadowBrokers?
There are a few theories about who makes up the membership of the ShadowBrokers group. These theories range from official National Security Agency employees to Russian spies. However, all these theories are based on unreliable information, so not much is actually known about the group. The only thing known for certain is that the ShadowBrokers use social media to sell cybersecurity secrets to amatures.
What do they sell?
The ShadowBrokers’ first started to auction off security secrets in August of 2016. They promised the highest bidder would receive cycbersecurity vulnerabilities that work just as well as government cyber weapons. Over the next year, the ShadowBrokers used a variety of different means to sell their secrets: auctions, crowdfunding, and direct sales. In April of 2017, their fifth release of information went public, which included the ETERNALBLUE Windows vulnerability that allowed WannaCry to infect over 300,000 computers in a single day.
The Latest Release
The ShadowBrokers have recently announced a subscription service that would include access to bi-monthly security exploit releases in early September 2017. The first package they sold included an NSA exploit titled UNITEDRAKE, which allows hackers to remotely monitor or control a computer running any Microsoft OS between Windows XP and Windows 8.The exploit can also discreetly record audio from your microphone, video from your webcam and anything that is typed on the keyboard. It can also remotely remove itself from the target computer, leaving no signs of a breach.
How to protect yourself from ShadowBrokers releases
Luckily, all the security exploits that the ShadowBrokers have released targeted older, outdated versions of software.The best way to protect your computers is make sure your operating system is properly upgraded and patched. Advanced network monitoring can detect suspicious activity, but that requires a significant amount of time and IT knowledge, making it difficult for small- to medium-sized businesses who usually don’t have the resources to handle around-the-clock maintenance. This is where Info Advantage can help.
If you are worried about the ShadowBrokers releases, or have any other cyber security concerns, contact Info Advantage today at (585) 254-8710 today to learn more about how we can help keep your network safe.