Who has their hands on the most advanced exploits around? U.S. agencies? Professional hackers working for nation-states like Russia? Established black-hat groups targeting Fortune 500 companies?
All of those make the list. But after the recent leak of advanced cyber weapons at the National Security Agency (NSA) last month, you can add a new contingent to that list:
Just about anyone with an internet connection.
In mid-August, a group of hackers calling themselves The Shadow Brokers made available a collection of exploit tools allegedly used by the NSA for surveillance initiatives. These tools target pervasive, commercially available software products, and according to some analysts, they are among the most advanced cyber weapons in use among hackers of all stripes.
It’s no surprise this news has sparked a wave of panic among cyber security professionals, who have been vocal in condemning the NSA’s practice of stockpiling such weapons and failing to disclose them to the software vendors they target.
Analysts have started to assess the threat potential and uptake of these cyber weapons. For example, Brendan Dolan-Gavitt, a researcher at NYU, created a honeypot to determine whether hackers would attempt to deploy the newly acquired exploits. He has recorded several attempts per day, beginning within 24 hours of putting his lure online.
Cyber professionals and software vendors should not be the only ones alarmed by the NSA leak. When even unskilled would-be hackers have access to state-of-the-art intrusion programs for common software, private and public organizations face a serious threat.
This is the type of event that reinforces a need for proactive cyber intelligence for any firm that relies on its data.
Not every organization has the internal resources or budget to implement a robust intelligence program in-house. For those who won’t, managed security services could be the key to safeguarding against this emerging threat. Lunarline leverages its best in-class security operations infrastructure, industry-leading professional talent and innovative tools developed in-house to keep watch on our clients’ networks 24/7, constantly updating our analysis tools to tackle the latest threats from around the globe.
Lunarline already is researching the leaked NSA exploits to protect our clients against them. So if you are concerned about the security of your networks — whether it’s because of the NSA leak or any other worry — send us a message to learn how we can help. You also can visit us at Lunarline.com to get an overview of the services and products we provide.