The latest Wikileaks dump revealed one of the most virulent and destructive strains of malware that we have ever seen.
Created by the NSA and privately contracting cybersecurity experts, it is able to target all versions of the Microsoft Windows operating system, completely take it over and steal whatever data it chooses, then delete what it wants and upload more malware.
“Athena” as it is known, infests a computer with malware that sets up beacons which are able to control all of the functions of an operating system through remote instructions.
This means that whoever is controlling Athena is able to change configuration and task handling, memory loading and unloading of malicious payloads for specific tasks and the manage the delivery and retrieval of files to and from a specified directory on the infected system.
In other words, Athena places the complete control of the targeted computer in the hands of a remote operator without any possibility of being detected.
We now have two known cases of what I call “Government Sponsored Malware” or GSM, where our own government agencies have developed deadly strains of malware that attack vulnerabilities in Windows software known only to those agencies and un-reported to the software vendor. Athena follows the release of WannaCry, and both are brought to you by those zany folks at the NSA.
And should your inclination be to get angry at Wikileaks, consider Microsoft’s response which has been to file a broad-reaching lawsuit against the Federal government. The messenger is not the problem here.
It’s our own team.
The government’s justification will be that unless you are an enemy of the state, you have nothing to fear. These malware strains and exploits are only weapons to be used against bad guys. While I am willing to accept that their intentions were honorable, the outcome nonetheless has been brutally destructive. We just saw the impact of the first round of WannaCry exploitations and attacks into the wild a couple of weeks ago and it wasn’t pretty.
Big organizations like FedEx and Briton’s National Health Service were among the 330,000 or so computer victims in over 200 countries worldwide. It literally put lives at risk by paralyzing computers at state-run medical facilities across the U.K. And it was only the beginning.
We expect additional and improved iterations of the WannaCry strain in the next few weeks. With Athena on its tail, it should be an entertaining summer.
These strains of government-sponsored malware leaking into the wild and forming the basis for advanced malware attacks is an issue that is failing to get any attention in Congress while they instead seem fixated on non-events like the alleged Russian hack and whether or not Trump obstructed justice by a loose comment to the head of the FBI. Really? Is that what we are paying these guys for?
While they are bloviating in these seemingly endless Senate hearings designed to uncover nuggets of conversations that may or may not lead to conclusive evidence over matters of trivial importance, we are witnessing the birth of a new generation of advanced malware more powerful than anything that preceded it by an order of magnitude and no one in a position of authority at the highest levels of government seems able to recognize the danger let alone act on strategies for prevention.
The fact that these leaks originate with the NSA’s inability to secure their own weapons should be cause enough for congressional concern.
Their repeated demonstrations of incompetence should be sufficient evidence to establish an investigative committee to assess and then correct the problem before it continues to release additional viruses on a defenseless world.
Instead, we investigate whether Trump breached protocol? Really?
In their complaint, Microsoft’s chief lawyer Brad Smith correctly noted that this is the real world equivalent of the theft of cruise missiles. Actually, it is worse. It is the equivalent of forgetting to lock the missile barn. Would congress ignore that?
In the next few weeks we will see an abundance of attacks using both WannaCry and Athena strains of malware. I suspect the damage will be catastrophic.
We are in a global war against malware. If congress can’t get out of its own way to begin addressing the issue, the U.S. government should at least stop contributing to the enemy and join forces with the good guys.
We need all the help we can get.