Hackers release new virus from US agency
BRITAIN: Hackers have adapted a second cyber weapon stolen from US spies and released it on the internet to be picked up by criminals, it was reported last night (Monday).
The new hacking tool also exploits weaknesses in older versions of Microsoft Windows software and was stolen from the US National Security Agency, like the stolen tool that formed the basis of last week’s Wannacry attack.
The tool, called Esteemaudit, has been adapted and is now available for criminal use, analysts told the Financial Times. The leak raises the prospect of another wave of cyber attacks like the one that struck more than 150 countries and crippled parts of the NHS on Friday.
In response, Britain’s cyber spies are calling on the skills of bedroom computer prodigies such as the 22-year-old surfer credited with helping to stop Friday’s attack.
Government intelligence agencies want them to work alongside their own in-house experts.
Security sources told the Telegraph they were working with Marcus Hutchins, who uses the name Malware Tech, and others to try to stop the spread of the Wannacry ransomware attack.
Security sources said spy agencies such as GCHQ and the National Cyber Security Centre had long had a policy of reaching out to leaders in the cyber security field who may be working alone.
One source said: ‘‘We work with a lot of different people. Some of those are people that you wouldn’t necessarily expect us, or large organisations, to work with. We need to reach out to these bright young things and get their expertise.’’
Conor Mckenna, a computer security expert at the University of Birmingham, said that many of the most gifted people in the field preferred to work alone, or in the private sector, rather than for government.
He said most computer hackers were wrongly portrayed as criminals, when in fact many of them just wanted to test their skills against computer systems to expose flaws and weaknesses.
Hutchins, from Devon, has been credited with stopping the Wannacry attack from spreading across the globe by accidentally triggering a ‘‘kill switch’’. The selftaught expert is understood to have stopped the incident escalating from a small bedroom in his parents’ house.
Meanwhile, a Pentagon equipment watchdog said new Apache helicopters, F-35 stealth fighters and submarine-hunting Boeing P8 patrol planes being purchased by the UK from the US could all be vulnerable to cyber attack.
A Ministry of Defence spokesman said: ‘‘All equipment and systems are rigorously tested before entering and throughout their service so that vulnerabilities are identified and eliminated.’’ - Telegraph Group