I also have been saying the same thing in my postings for some time. That is there is a high likelihood of innumerable backdoored devices in existence and it's just a matter of time till those backdoors, intentional or not, are used in a major attack.
Forget about the trouble-plagued F-35s and The US Navy's new $22 Billion + stealth destroyer, the USS Zumwalt (that had to be towed to port after it's engines broke down on it's Commissioned maiden voyage), the USA needs to be dedicating more resources to (Defensive) Cyberwarfare. Agencies of The US Government created DoublePulsar and its ilk, and now needs to find a way to put the "genie" back into the bottle. NOT This: "...Last month, he [Mr. Ben-Oni] personally briefed the F.B.I. analyst in charge of investigating the WannaCry attack. He was told that the agency had been specifically tasked with WannaCry, and that even though the attack on his company [DoublePulsar] was more invasive and sophisticated, it was still technically something else, and therefore the F.B.I. could not take on his case. The F.B.I. did not respond to requests for comment..." https://www.nytimes.com/2017/06/22/technology/ransomware-attack-nsa-cyberweapons.html hawki's 2 sense
A step in the right direction: "...Last month, President Trump signed an Executive Order aimed at strengthening the cybersecurity of federal networks and critical infrastructure. The Executive Order is right on point and addresses real cyber concerns. Most significantly, it also focuses heavily on cyber workforce development. This has been long overdue and the president’s Executive Order is a big step in ensuring that America has an adequate workforce to combat our worst cyberattacks. The Executive Order is a good first step by the Trump Administration in doing the things that must be done to defend America against cyberattack..." http://www.foxnews.com/opinion/2017...ressional-russia-probes-should-be-asking.html
Well my comment is no doubt going to sound or look naïve in comparison. And the analogy will really draw either some ire or glee depending on your POV. Back in those good old street sports days of souped up Camaro's, Dodge Challenger's and Mach I Mustang's etc. with their supercharged 427 big blocks, maybe 486 Hemi's and the like, when you dropped a valve or spun a crank bearing especially, the engine had to come out for an overhaul. Hone out the cylinders, rebalanced the crank etc. So from one member's perspective, it looks very much like today's computer technology on the software end anyway, has too far outpaced itself and definitely ahead of those peeps charged to try to keep them in check and running secure. They can enforce even more standards until the cows come home and spend a fortune just on that BUT nothing will produce the results intended (security) until they pull the units completely out and do a complete overhaul/remap network (whatever) and start from scratch again. Well that's how I see things so far and since we all know that is not about to happen, then the same vicious cycle will simply continue on the same ole course with the same disruptions surfacing time and again over and over again like a merry-go-round.
Well, there is a way to close the DoublePulsar backdoor. Just infect yourself with the EternalPot exploit which closes the DoublePulsar backdoor since it uses WMI for persistence.
http://blog.trendmicro.com/backdoor-attacks-work-protect/ Additional ref.: https://www.trendmicro.de/cloud-con...apers/wp-backdoor-use-in-targeted-attacks.pdf
LOL, interesting article. It was refreshing to see that names were mentioned. Cylance, McAfee and Microsoft were not able to block this attack. I'm guessing the attackers used in-memory ransomware.
