Another theft of cyber-weapons has occurred, and it would seem that hackers have once again managed to steal from the US spies, and release dangerous tools to be taken by cyber criminals.
The reports say that another tool for online espionage was stolen from the US’s National Security Agency. It would seem that the tool in question exploits weaknesses in Windows software, just like the one that was the basis for a WannaCry attack that started last Friday.
The tool called EsteemAudit, and has now been changed, adapted, and was also posted online, ready and available for any criminal that wants it. This leak has made people think that another cyber-attack is about to occur. The ransomware attack that has crippled half the world during this weekend has made Britain’s cyber spies desperate. They’ve even called the so-called bedroom computer whiz kids for help after the ransomware has managed to hack the NHS.
Freelance and amateur cyber security experts have answered, and one of them, a 22-year-old that called himself MalwareTech, but was later identified as Marcus Hutchins, has actually managed to discover a kill switch for the ransomware. It would seem that such spy agencies have a policy of reaching out to lone experts in cyber security.
One of the sources has stated that “We work with a lot of different people. Some of those are people that you wouldn’t necessarily expect us, or large organizations, to work with. Because of the nature of our business, we need to reach out to these bright young things and get their expertise. We do it a lot because these people understand it more than perhaps some of the older generation. So that’s why we work with the likes of MalwareTech and these people have contacts with the National Cyber Security Centre.”
It’s even said that most of the gifted people actually prefer to work alone. That’s why the agencies are reaching out to them. Many of these people understand the nature of the code much better than most of those who call themselves professionals. Also, many of the hackers are exposed as criminals, when they actually only tried to expose the flaws in order to help fix them.
These hackers don’t even demand payment for their services, but instead, they do it simply for a challenge. Take Mr. Hutchins as an example, who managed to singlehandedly discover a kill switch, and stop the attack that devastated half the world in less than 3 full days. This ‘accidental hero’, as he’s now called, is a self-taught expert. Despite this, he’s not working for a big company, but instead has stopped the attack from his bedroom, in his parents’ house.
While studying the ransomware code, he discovered that if a certain domain was found by the ransomware, the attack would stop. He registered the said domain for £8, and the attack was redirected. His mother has stated that she’s ‘very proud’, and that her son is currently in a meeting in London.
There were several new discoveries that also happened lately. For example, the new stealth fighters, helicopters and submarine-hunting planes that were bought from the US by the UK are all vulnerable to cyber-attacks. This includes Apache helicopters bought by the British Army, Boeing P8 maritime patrol planes, as well as F-35 stealth fighters. All vulnerabilities are supposedly discovered and will be eliminated.