What would you do if a hacker had access to all of your sensitive documents and data through a machine that they had exploited, with access to control your webcam as well as monitor the screen and keyboard?
It’s not something out of action movie, what we’re describing is Eternal Blue, a cyber attack that preys on businesses not updating their systems.
Whilst this cyber attack can essentially immobilise a business, it’s avoidable through basic cyber security practices.
In our latest blog post to raise awareness about the dangers of cyber attacks, we’re taking a look at Eternal Blue, the damage it can do and how you can prevent your business from being affected.
Watch the Eternal Blue Video
Read Video Transcript
Behind the Hack – EternalBlue – Time to Update
We’re all guilty of not updating our devices, systems and software.
When we’re busy working hard in the business, it’s easier and quicker to just ‘put it off’, but right now we can exclusively reveal, thanks to our ethical hacker, the devastating effect using out of date and non-updated technology can have on your business.
It happens every day…we’re made aware of available updates but even if it’s labelled “critical” we think: ‘what’s the worse that can happen?’ Well, we can show you from our hackers’ point of view.
Even in today’s modern world, as soon as a new system, service or piece of software is created, there are people looking for ways to hack it. Right now you’re looking at ‘EternalBlue’, developed to exploit a vulnerability in some versions of Microsoft products.
The updates your computer tells you about contains vital patches to secure these vulnerabilities as soon as they’re discovered.
In this case here’s an older version of a Windows server that hasn’t yet been updated. Our hacker uses some special monitoring software to identify the target machine, establish a connection by linking IP addresses and ports, then with a simple command, view all the private credentials used to access the network
Our hacker can then do whatever they want; launch a further attack, steal and lock your data, run some code to monitor your screen, even detect keystrokes or spy on you and your staff with your webcam.
All businesses rely so much on technology these days, so talk to us about how you can be better protected without having to do the work yourself.
What Is Eternal Blue?
External Blue is an exploit that was created by the US National Security Agency which targets a vulnerability in Windows machines. In 2017, a hacking group were able to access and leak Eternal Blue as part of an attack on the NSA.
Whilst a patch was released by Microsoft one month after the leak, many system administrators did not update, leaving their machines vulnerable to the exploit.
In May 2017, Eternal Blue exploit was used to spread the infamous WannaCry ransomware that went on to infect over 230,000 Windows PCs in a single day, entire businesses were crippled and notable organisations such as the NHS were severely impacted.
How Does It Work?
With specialist monitoring software, a hacker can identify machines that have not been updated and are therefore vulnerable to Eternal Blue.
After establishing a connection by linking IP addresses and ports, the hacker can use a single command to gain complete unobstructed access to the device and all of the files it contains.
With access to your machine, a hacker can carry out further attacks, view your private credentials, steal and lock data, and even run code that allows them to monitor your screen, see your keystrokes and, perhaps most disturbing, spy on you through your webcam.
How To Prevent Eternal Blue Attacks
In the case of Eternal Blue, preventing your machine from being exploited means ensuring you have the most recent updates installed on the machine.
Whilst it can be easier to put them off, these updates contain vital patches to secure vulnerabilities as soon as they are discovered.
If you are struggling to stay on top of updates or are finding they impact efficiency, consider using a dedicated cyber security provider who can update your machines out of hours on a regular basis to ensure they are protected.
Protect Your Business with Absolutely PC
Is your business keeping all machines and software up to date with the latest updates? If not, you could be leaving yourself at risk of the devastating impacts of Eternal Blue and similar attacks.
To find out more about protecting your business against all forms of cyber attack, call us today on 0117 975 9523 or fill out a contact form and we will get back to you.
Other Posts for you to Enjoy