A newly discovered software flaw has prompted fears of another cyberattack in the style of the WannaCry ransomware that hit the NHS and other organisations across the world.
The vulnerability in popular networking software Samba could potentially affect hundreds of thousands of devices.
It leaves those devices exposed to attackers who could potentially remotely upload and execute code to take control of affected computers.
The US Department of Homeland Security announced the vulnerability and encouraged system administrators to apply a patch released by Samba.
In April, a group calling itself the Shadow Brokers leaked a software exploit named EternalBlue which was then used by WannaCry to infect NHS computers, for which a patch was available a month prior.
System administrators needed to apply the patch, however, and this did not happen in many NHS trusts.
Much like the vulnerability that WannaCry exploited in Microsoft operating systems, the flaw in the Samba code, which affects Linux and Unix-based operating systems, has existed for more than five years but was only recently detected.
WannaCry was what researchers call "wormable", meaning it was able to replicate itself to infect more vulnerable machines without being controlled by user actions.
These researchers also believe the Samba vulnerability may be wormable. They believe it would be more difficult for attackers to develop that capability - but not impossible.
Speaking to Sky News on the condition of anonymity, one researcher said: "There are a lot of important hosts with Samba exposed to the internet."
He informed us that the vulnerability has already been detected on television stations, at genetic research labs, and even on US military domains.
A spokesperson for the UK's National Cyber Security Centre (NCSC) told Sky News: "We are aware of this potential cyberthreat but there is no evidence of any significant impact."
NCSC's duty is to monitor for any impact if it arises during the coming days.
"We recommend that all users follow the guidance on the NCSC website - install the latest security software patches, back up data and use proper antivirus software services," the spokesperson said.
No comments:
Post a Comment