RS Wood
2017-06-22 19:52:30 UTC
https://www.nytimes.com/2017/06/22/technology/ransomware-attack-nsa-cyberweapons.html
But in this case, modern-day detection systems created by Cylance,
McAfee and Microsoft and patching systems by Tanium did not catch the
attack on IDT. Nor did any of the 128 publicly available threat
intelligence feeds that IDT subscribes to. Even the 10 threat
intelligence feeds that his organization spends a half-million dollars
on annually for urgent information failed to report it. He has since
threatened to return their products.
“Our industry likes to work on known problems,” Mr. Ben-Oni said. “This
is an unknown problem. We’re not ready for this.”
No one he has spoken to knows whether they have been hit, but just this
month, restaurants across the United States reported being hit with
similar attacks that were undetected by antivirus systems. There are
now YouTube videos showing criminals how to attack systems using the
very same N.S.A. tools used against IDT, and Metasploit, an automated
hacking tool, now allows anyone to carry out these attacks with the
click of a button.
Worse still, Mr. Ben-Oni said, “No one is running point on this.”
Last month, he personally briefed the F.B.I. analyst in charge of
investigating the WannaCry attack. He was told that the agency had been
specifically tasked with WannaCry, and that even though the attack on
his company was more invasive and sophisticated, it was still
technically something else, and therefore the F.B.I. could not take on
his case.
The F.B.I. did not respond to requests for comment.
So Mr. Ben-Oni has largely pursued the case himself.
But in this case, modern-day detection systems created by Cylance,
McAfee and Microsoft and patching systems by Tanium did not catch the
attack on IDT. Nor did any of the 128 publicly available threat
intelligence feeds that IDT subscribes to. Even the 10 threat
intelligence feeds that his organization spends a half-million dollars
on annually for urgent information failed to report it. He has since
threatened to return their products.
“Our industry likes to work on known problems,” Mr. Ben-Oni said. “This
is an unknown problem. We’re not ready for this.”
No one he has spoken to knows whether they have been hit, but just this
month, restaurants across the United States reported being hit with
similar attacks that were undetected by antivirus systems. There are
now YouTube videos showing criminals how to attack systems using the
very same N.S.A. tools used against IDT, and Metasploit, an automated
hacking tool, now allows anyone to carry out these attacks with the
click of a button.
Worse still, Mr. Ben-Oni said, “No one is running point on this.”
Last month, he personally briefed the F.B.I. analyst in charge of
investigating the WannaCry attack. He was told that the agency had been
specifically tasked with WannaCry, and that even though the attack on
his company was more invasive and sophisticated, it was still
technically something else, and therefore the F.B.I. could not take on
his case.
The F.B.I. did not respond to requests for comment.
So Mr. Ben-Oni has largely pursued the case himself.
--
RS Wood <***@therandymon.com>
RS Wood <***@therandymon.com>