WannaCry paralyzed hospitals. NotPeya crashed banks. But how to know if you’re vulnerable to the stolen National Security Agency exploit that fueled two major cyber attacks and helped bring down computers across the globe?
Thankfully, a new tool has your back.
After the Shadow Brokers hacking group dumped a cache of stolen NSA exploits in April, the cybersecurity community issued dire warnings that things were about to get really, really bad. But then Microsoft quickly chimed in to note that it had already patched the vulnerabilities in question.
“We’ve investigated and confirmed that the exploits disclosed by the Shadow Brokers have already been addressed by previous updates to our supported products,” a Microsoft spokesperson told Mashable at the time. “Customers with up-to-date software are already protected.”
One of the hoarded NSA vulnerabilities, dubbed EternalBlue, allows for the worm-like spread of malware across computer systems. And despite Microsoft’s assurances, it turns out that many people and organizations did not in fact update their computers with the available patch. WannaCry and NotPetya, which made use of EternalBlue, were the result.
That, in the face of clear warnings and readily available safeguards, people failed to protect themselves is a clear sign that many of those at risk don’t realize the precarious nature of their position.
Eternal Blues, a vulnerability scanner developed by Elad Erez, aims to change that.
“The majority of latest WannaCry, NoPetya (Petya, GoldenEye or whatever) victims, are not technical organizations and sometimes just small business who don’t have a security team, or even just an IT team to help them mitigate this,” writes Erez on his blog. “Running NMap, Metasploit [a penetration testing software] (not to mention more commercial products) is something they will never do. I aimed to create a simple ‘one-button’ tool that tells you one thing and one thing only – which systems are vulnerable in your network.”
The free software simply checks networks to see if they are still susceptible to EternalBlue.
“[Eternal Blues] helps finding the blind spots in your network, these endpoints that are still vulnerable to EternalBlue,” continues Erez. “Just hit the SCAN button and you will immediately start to get which of your computers are vulnerable and which aren’t. That’s it.”
Importantly, Erez does collect anonymized data on the results of the scan, but he also details a way to disable this information-sharing feature for the extra security conscious.
And if you do find that your computer is vulnerable? Make sure you install the Microsoft patch. And, as always, keep your operating system up to date.