Hackers steal another cyber weapon from American spy agency
HACKERS have adapted a second cyber weapon stolen from US spies and released it on the internet to be picked up by criminals, it was reported last night.
The new hacking tool also exploits weaknesses in older versions of Microsoft Windows software and was stolen from the US National Security Agency, like the tool that formed the basis of last week’s Wannacry attack.
Major cyber security firms Symantec Corp and Kaspersky Lab said last night they were looking into possible connections between that global “ransomware” attack and programmes previously attributed to North Korea.
The two companies said some code in an earlier version of the Wannacry ransomware had also appeared in programmes used by the Lazarus Group, which researchers from many companies said is run by North Korea. There was no comment from Pyongyang.
The new stolen tool, called Esteemaudit, has been adapted and is now available for criminal use, analysts told the Financial Times. The leak raises the prospect of another wave of cyber attacks like the one that struck more than 150 countries and crippled parts of the NHS on Friday.
In response, Britain’s cyber spies are calling on the skills of bedroom computer prodigies such as the 22-year-old surfer credited with helping to stop Friday’s attack.
Security sources told the Telegraph they were working with Marcus Hutchins, who uses the name Malware Tech, and others to try to stop the spread of the Wannacry ransomware attack.
Security sources said spy agencies such as GCHQ and the National Cyber Security Centre had long had a policy of reaching out to leaders in the cyber security field who may be working alone.
One source said: “We work with a lot of different people… We need to reach out to these bright young things and get their expertise.”
Conor Mckenna, a computer security expert at the University of Birmingham, said that many of the most gifted people in the field preferred to work alone, or in the private sector, rather than for government.
Mr Hutchins, from Devon, has been credited with stopping the Wannacry attack from spreading across the globe by accidentally triggering a “kill switch”.
In a blog, he described how he stopped the spread of the virus by purchasing a web domain for £8 and by redirecting it elsewhere. He reportedly shouted “eureka” when he realised he had halted the spread of the criminal software. Last night, his mother said she was ‘’very proud’’ of her son and that he was in London “at a meeting”.
Meanwhile, a Pentagon equipment watchdog said new Apache helicopters, F-35 stealth fighters and submarine-hunting Boeing P8 patrol planes being purchased by the UK from the US could all be vulnerable to cyber attack.
A Ministry of Defence spokesman said: “All equipment and systems are rigorously tested before entering and throughout their service so that vulnerabilities are identified and eliminated.”