In terms of security, 2017 is shaping up to be one of the most challenging and hazardous years for users of enterprise networks. From booby-trapped Microsoft Word documents to highly technical leaks of exploits used by United States intelligence and espionage communities, the information security (infosec) threat environment has been at historically elevated levels since January.
Recent Major Data Breaches
About a month ago, IT security analysts around the world were astonished to learn that WikiLeaks, the controversial online platform for the distribution of whistleblower documents and government secrets, had released a cache of Central Intelligence Agency hacking tools and classified documents dealing with cyber espionage. Although the cache did not contain full versions of working malware, the code snippets and technical discussion prompted security researchers to start coming up with patches for operating systems, web browsers and other applications that connect to the internet.
On April 14, a shadowy group known as the Shadow Brokers released a worrisome treasure trove of hacking tools used by the National Security Agency. Many of the tools feature remote code execution attacks targeting Windows computers, particularly those connected to enterprise servers. This is not the first time the Shadow Brokers have embarrassed the NSA; however, their political intentions seem to have shifted against the Trump administration at a time when the White House is besieged by investigations into alleged ties to the Kremlin, to which the Shadow Brokers may also be connected.
Security Experts Explain the Implications
Security analysts believe that the WikiLeaks release may have emboldened the Shadow Brokers. In fact, the hackers may have tried to sell the NSA hacking tools, which have been deemed to be very powerful, to potential buyers on the Dark Web. It is also believed that Microsoft may have canceled its February security update because it was too busy patching up the NSA exploits against Windows.
Yet another exploit, detected in early April, targeted the Windows Object Linking and Embedding (OLE) feature and took advantage of weaknesses in Microsoft Word and other Microsoft Office applications. Many exploits have been patched, and security researchers continue to work on security fixes. Needless to say, IT managers and small business owners should make sure that their networks are protected and up to date in these trying times.