CrAKeN
Posted May 18, 2017

The NSA used the vulnerability in attacks for 5 years

The WannaCry ransomware outburst is living proof that systems across the world need to be running the latest patches and supported operating system versions, but while Microsoft rolled out updates to block the exploit before the mass infection started, new information reveals some behind-the-scenes details.

A report from the Washington Post reveals that the NSA itself reported the vulnerability to Microsoft after discovering that a group of hackers managed to steal it from its systems. The National Security Agency was hit by a cyberattack launched by Shadow Brokers last year, and the hackers managed to steal several exploits that the agency itself was using to break into Windows computers.

Since most of these exploits were based on unpatched vulnerabilities in Windows, leaking them online could have led to large-scale attacks, so in order to prevent this, the NSA itself reported the bugs to Microsoft to have them patched. The agency, however, did this for its own good, as it was afraid that hackers might use the exploits against computers used by officials in the United States, including those belonging to the Department of Defense.

NSA used the flaw for 5 years

After being tipped off about the vulnerability, Microsoft developed a patch in mid-February and published it for supported Windows systems in March, with unsupported Windows versions getting the fix only if they were covered by a custom support license. After the massive ransomware infection started this month, Microsoft decided to release this patch for all users, including those running Windows XP.

More worrying is that the NSA actually used the same vulnerability to hack into Windows systems for no less than 5 years before reporting it to Microsoft. And there’s a good chance that the flaw would have remained completely secret if the hackers hadn’t broken into NSA systems.

This is one of the reasons Microsoft criticized the NSA and government departments for not reporting security flaws to vendors, emphasizing that systems worldwide are made vulnerable just because they’re keeping major vulnerabilities for their own hacking programs.

“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action,” Microsoft said.

Source
pc71520
Posted May 19, 2017

11 hours ago, CrAKeN said:
NSA used the flaw for 5 years

I'm not surprised at all...
straycat19
Posted May 20, 2017

The NSA used the EternalBlue hacking tool for more than five years before disclosing its existence to Microsoft. With EternalBlue, the NSA was able to gather great quantities of foreign intelligence; an NSA employee speaking on the condition of anonymity said that using the tool "was like fishing with dynamite." The NSA decided to notify Microsoft only after learning that EternalBlue had been stolen. As soon as Shadow Brokers announced their theft the NSA warned Microsoft. Microsoft could have prevented WannaCry.

Article
Batu69
Posted May 20, 2017

Topic merged.
steven36
Posted May 20, 2017

2 hours ago, straycat19 said:
NSA warned Microsoft. Microsoft could have prevented WannaCry.

The NSA had known these tools to be missing ever since summer 2016, as far as we know.
https://www.washingtonpost.com/world/national-security/nsas-use-of-software-flaws-to-hack-foreign-targets-posed-risks-to-cybersecurity/2016/08/17/657d837a-6487-11e6-96c0-37533479f3f5_story.html

They didn't warn Microsoft till Jan 2017, and Microsoft had a patch out by March. What would have happened if this had happened back in the fall or last winter? People just got lucky is all.
https://phys.org/news/2017-05-spies-secret-software-vulnerabilities.html

They're looking into making a law now called the PATCH Act because of the NSA's failure to disclose their exploits fast enough.

Proposed PATCH Act forces US snoops to quit hoarding code exploits
https://www.theregister.co.uk/2017/05/18/senate_introduces_patch_act_to_force_intel_agencies_to_fix_found_exploits/
This topic is now archived and is closed to further replies.