The recent ransowmare Petya and WannaCry attacks have affected many users by exploiting the EternalBlue vulnerability for Windows PCs, let's find out what it is
Tens of thousands of computers have been infected in the last month by two of the biggest attacksĀ hackers in history. We are talking about WannaCry and Petya. At the heart of this new wave of viruses is a Windows vulnerability called EternalBlue.
EternalBlue is a cyber weapon that cyber criminals, belonging to the Shadowbrokers group, stole months ago from the US National Security Agency (NSA). As mentioned, it is a vulnerability that exclusively affects Microsoft home operating systems. Wanting to properly name things we will have to call it EternalBlue MS17-010. This is the name through which the US IT giant first identified it. Microsoft to be fair had announced that it had released a security patch last March that promised to remedy this vulnerability. But WannaCry proved that many users didn't listen to the Redmond-based company's words.
What is EternalBlue
It's easy for cyber attacks to target computers with this flaw because they manage to exploit a security problem on Microsoft Server Message Block 1.0. This is nothing but a sharing protocol for network files. Basically, it is the system through which computers in a network exchange documents. Microsoft has stated that the patch released was not enough but above all has put his hand again to Windows XP, after the support had ended since 2014. EternalBlue not surprisingly is more effective on Microsoft's older and never updated operating systems.
Is my pc vulnerable?
To understand if your computer is vulnerable to the EternalBlue flaw you can use a tool recently developed by the computer security company Eset. In fact, as the group of experts explain in a statement, "The problem is not in WannaCry or Petya per se. On paper they are malware that we can block with today's security systems. However, these exploit EternalBlue to bypass all controls and encrypt our files. Therefore, it is essential to understand if your PC is vulnerable. Also because in the future, such attacks may be more frequent."
How to defend yourself
There are a few ways to defend yourself against attacks that exploit the EternalBlue flaw. First, we always check attachments and links that arrived via email. Both WannaCry and Petya spread via malicious links that arrived as attachments on emails. Secondly, we need to install Microsoft's security patch. This may not guarantee 100% protection but it will definitely make life more difficult for cyber criminals.