Worldwide Hacks Use NSA Zero-Day: Revisit Cyber Advisory Board’s Debate

On Friday, a massive cyber attack hit organizations across globe. The attacks crippled two hospitals in the United Kingdom, and hit a number of companies across 150 countries around the world, infecting at least 200,000 computers, with malware disproportionately affecting Russia, Ukraine, India, and Taiwan. Targets also include banks, telecommunication service providers and train stations in countries like Germany, Turkey, Spain and Portugal. The attackers injected a ransomware called WannaCry that locked access to any files – such as patient medical records, forcing the UK hospitals to turn away patients with serious medical conditions – until a ransom payment is made. Demands for ransoms between $300 and $600 in Bitcoin to be paid by Monday, May 15, have been delivered in more than two-dozen languages.

Perhaps most notably, the attackers leveraged a hacking tool called Eternalblue that was found in the April leaks of exploits allegedly belonging to the National Security Agency by a group calling themselves the Shadow Brokers. The alleged NSA exploit allows the ransomware to spread through Windows machines like a worm, locking computers as it moves across an organization’s network.