Thursday, 29 June 2017

NotPetya Cyberwarfare?


It is interesting that many are regarding this latest NotPetya attack as Cyberwarfare and not Ransomware.
The main reasons for this assumption are as follows:

Due to the nature of the infection, it would appear that Ransomware is being used to mask the true nature of the attack.
The files seem to be unrecoverable.
Similar to wiping a hard disk, the entire drive is rendered unusable by overwriting the Master File Table.

It would definitely appear that the intention is to destroy rather than hold to ransom.




Wednesday, 24 May 2017

Athena Spyware and EternalRocks

Wikileaks last week released documents detailing an application created by the CIA and used to covertly monitor and control virtually any current version of Windows.
Basically, the application, named Athena, is spyware which gives the controller full rights over the PC.
There is even a full user guide here.

And there is also news of a rival to WannaCry called EternalRocks, which has the potential to be even more destructive. EternalRocks makes use of seven of the leaked NSA exploits. WannaCry used two of the exploits. At present there is no reported activity related to this malware, but it is very covert and includes several techniques to avoid detection.

So the question is, who are the bad guys? The ones who leak the information or the ones who know about it but decide not to tell anyone?

We know in reality that the bad guys are already two steps ahead of the authorities when it comes to cybersecurity, so would it not be in everyone's interest if the authorities actually made a true contribution to the security community and used their research to plug the holes and not secretly exploit them?

