Cyber expert's oversight opened the door for WannaCry and NotPetya

itman · Aug 10, 2017

I would also lump Microsoft in this category since the initially "dissed" the Shadow Brokers dump as "old exploits" and not a major issue.

If cybersecurity researchers had paid a bit more attention to the Shadow Brokers dump of alleged National Security Agency hacking tools back in April, the WannaCry and NotPetya attacks may have never happened, according to a new report.

That is the analysis put out by Rapid 7 in its 2017 Q2 Threat Report in which it noted that security analysts were initially thrilled to get their hands on these hacking tools, but after the researchers realized the tools were old and not obviously dangerous because they attacked known and patched vulnerabilities they moved on to other projects.

“Unfortunately, we were the only ones. Attackers did not move on; they realized that even though we thought we were safe against these non-zero-day, unexciting attacks, we were not,” the report stated.

In hindsight it might have been obvious that cybercriminals were up to something. Rapid 7 honeypots started seeing an increasing amount of traffic following the Shadow Brokers dump in mid-April culminating in giant spikes in May and June when WannaCry and NotPetya were launched.
Click to expand...

https://www.scmagazine.com/cyber-ex...oor-for-wannacry-and-notpetya/article/680880/

Log in or Sign up

Cyber expert's oversight opened the door for WannaCry and NotPetya

itman Registered Member

Log in or Sign up

Cyber expert's oversight opened the door for WannaCry and NotPetya

itman Registered Member

Useful Searches