By Robert McMillan
A new fast-spreading computer attack and a hacking group's
threat to release a fresh trove of stolen cyberweapons are fueling
fears among businesses and security experts of another global
technology assault.
The new attack, called Adylkuzz, follows last week's WannaCry
outbreak, which crippled computers in more than 100 countries over
the weekend. Unlike its predecessor, Adylkuzz doesn't lock up
computer screens, but slows down systems as it quietly steals
processing power to generate a little-known digital currency called
Monero.
By Wednesday, Adylkuzz had infected several hundred thousand
machines around the globe, according to Ryan Kalember, senior vice
president with the security intelligence firm Proofpoint Inc.
That's approximately the same count as WannaCry, which has largely
stopped spreading, security experts said.
The news comes a day after a hacking group called the Shadow
Brokers separately posted an internet message saying it would
release a new trove of cyberattack tools next month. The group
claimed to have software that would affect web browsers, routers,
mobile phones and Microsoft Corp.'s Windows 10 operating system.
Its first trove, which it and Microsoft said was stolen from the
National Security Agency, was dumped last month and used by
WannaCry.
A Microsoft spokeswoman said the company is aware of the new
Shadow Brokers claim and that its security teams actively monitor
for emerging threats. The NSA has declined to comment on the
authenticity of the Shadow Brokers documents or the WannaCry
attack.
The threats highlight the growing risks of global assaults for
businesses and governments posed by a nexus of mysterious hackers
and powerful, government-crafted cyberweapons.
"In a few years we're going to be looking back and saying that
2017 was clearly a turning point," said Edward Amoroso, the former
security chief at AT&T Inc. "That's when we started to see
businesses affected. If your employees are coming in and they can't
work, that's a big deal."
For companies looking to protect their systems, security experts
agree on one piece of advice: install patches to Windows software
now.
Still, that may not be enough to stop the next attack. "There's
no wall you can build that's high enough or deep enough to keep a
dedicated adversary out," said John Carlin, a former cybercrimes
prosecutor at the Justice Department.
Larger companies will need to step up their security training,
patching and planning, he says. Smaller mom-and-pop businesses may
need to hand over security to companies that specialize in these
services. "It's crazy to expect a mom-and-pop to on their own have
to deal with cybersecurity issues," said Mr. Carlin, now the chair
of the law firm Morrison & Foerster LLP's global risk and
crisis management practice.
Corporate computer security spending is expected to hit $90
billion world-wide this year, an increase of 7.6% from a year
earlier, according to research firm Gartner Inc.
The Shadow Brokers' release of what it says are U.S. government
hacking tools comes after WikiLeaks in March published a cache of
alleged Central Intelligence Agency cybersecrets, offering a window
into a world where the research and development of computer attacks
has become increasingly professionalized.
The stage for today's cyberattacks was set more than a decade
ago. In the mid-2000s, Microsoft, embarrassed by a series of
computer worm and virus outbreaks, began to comb through its
software for bugs and develop new coding techniques designed to
thwart hackers. At the same time, hackers discovered they could
command large fees for their work.
Apple Inc., for example, pays $200,000 for details on the most
severe bugs affecting its software. Government agencies and private
corporations often pay more, especially if the research includes
"exploit code" that can be used in an attack. Last year, the
Federal Bureau of Investigation paid more than $1 million for a
hacking tool that gave it access to the iPhone used by the gunman
in the San Bernardino, Calif., attack.
All of this has helped pushed underground bugs such as the one
used in WannaCry and the "exploit" code that leverages them. That
means companies such as Microsoft are often unaware they exist,
said David Aitel, chief executive at Immunity Inc., a
computer-security services company. "There's a scarcity of
high-quality attack tools," he said.
But if companies thought the risk of attacks had evaporated,
WannaCry served as a wake-up call. While few victims appear to have
paid the $300 ransom WannaCry demanded from affected users, the
software affected hundreds of thousands of systems, including
networks at Renault SA and Britain's public health service. It not
only rendered computers unusable but deployed encryption to make
data stored on them unreadable.
The attack could have been much worse if it had made sensitive
corporate information public, said Mr. Aitel, a former NSA
analyst.
Recent events are "a taste of the kind of threats we may be
facing going forward," said Virginia Sen. Mark Warner, the top
Democrat on the Senate Intelligence Committee, which oversees the
nation's spy agencies. "I'm not sure if the whole of government --
or for that matter, the whole of society -- is fully prepared."
Another computer worm may soon appear, either based on the
Shadow Brokers' code used by WannaCry or similarly devastating code
released by Shadow Brokers in April that was used on Microsoft's
Remote Desktop Protocol software, said Robert M. Lee, chief
executive of security consultancy Dragos Inc.
And while it isn't known yet how dangerous any new releases
might be, "everything the Shadow Brokers have talked about leaking
so far has been legitimate," he said.
Microsoft, whose Windows software is the most frequent target of
attacks, is calling on governments to report software flaws rather
than stockpiling or exploiting them.
"Repeatedly, exploits in the hands of governments have leaked
into the public domain and caused widespread damage," Brad Smith,
the company's top lawyer, wrote in a blog post Sunday.
Given the widespread use of these attacks, and the fact that
nations such as North Korea are unlikely to abide by international
cybersecurity conventions akin to those proposed by Microsoft,
Immunity's Mr. Aitel says such suggestions aren't likely to be
adopted. "No country on earth thinks this is a good idea," he
said.
--Natalie Andrews contributed to this article.
(END) Dow Jones Newswires
May 17, 2017 13:52 ET (17:52 GMT)
Copyright (c) 2017 Dow Jones & Company, Inc.
Apple (NASDAQ:AAPL)
Historical Stock Chart
From Aug 2024 to Sep 2024
Apple (NASDAQ:AAPL)
Historical Stock Chart
From Sep 2023 to Sep 2024