On January 14th, the National Security Agency (NSA) Cybersecurity Directorate head Anne Neuberger announced a critical Windows 10 bug that could have led more than 900 million PCs vulnerable to attack. On the same day, Microsoft immediately released a patch for Windows 10 and Server 2016 after NSA disclosed this vulnerability.
Through this bug, attackers can remotely distribute malware or intercept sensitive data while the Windows mechanism is confirming the legitimacy of software or establishing secure web connections. The flaw does harm to specifically in the CryptoAPI service of Microsoft. It can make developers cryptographically “sign” software as well as data, or generate digital certificates used in the authentication. In this case, crucial protections may be undermined by the attackers. Eventually, the attackers can take control of victim devices. Since Windows 10 is the most-used operating system in the world, the flaw is problematic as more than 900 million PCs are involved. With the risks exploited by this vulnerability, it will be a long day for a lot of Windows administrators around the world.
According to Anne Neuberger, head of the NSA’s Cybersecurity Directorate,
“[We are] recommending that network owners expedite implementation of the patch immediately as we will also be doing. When we identified a broad cryptographic vulnerability like this we quickly turned to work with the company to ensure that they could mitigate it.”
Hackers improve their skills as cybersecurity professionals enhance their techniques. For this reason, the NSA has been investigating and researching all known and unknown flaws. Eternal Blue, a hacking tool NSA used to exploit a Windows bug patched in early 2017, was leaked online after Microsoft issued a fix at that time. With this tool, NSA figured out that this flaw had presented in all versions of Windows for digital espionage in the past 5 years. After this hacking tool was leaked online, the NSA lost control of Eternal Blue. In order to avoid similar debacles, the NSA keeps investigating more flaws with advanced measures.
There are preventive measures your organization can take to defend against an cyber attack.
LIFARS offering Free 30-minute consultation on cyber resiliency.
Email:firstname.lastname@example.org | Call us at:(212) 222-7061