A recent search for the top 50 U.S. cities with public-facing network protocols open to potential compromise by the WannaCry malware placed Los Angeles in first place, followed by the relatively much smaller city of Cheyenne, Wyoming.
I found this to be rather peculiar and asked a colleague of mine what was so significant about Cheyenne, Wyoming. It turns out that the U.S. ICBM Command station is based there.
“Twentieth Air Force is responsible for maintaining and operating the Air Force’s intercontinental ballistic missile force. Designated as USSTRATCOM’s Task Force 214 (TF 214), 20th Air Force provides on-alert, combat-ready ICBMs to the President of the United States,” reports Wikipedia.
I decided to dig a little deeper to better understand what organizations are vulnerable to the exploit and discovered the following on shodan.io.
The company CloudRadium LLC was at the top of the list. Digging deeper revealed that CloudRadium is a Chinese company. There may be an army of compromised machines in Cheyenne, Wyoming waiting to attack other vulnerable computers. What we know is that computers with port 445 open may be susceptible to complete remote control takeover by using recently leaked NSA exploits. These were disclosed in January of 2017, yet countless hosts appear to remain vulnerable to remote exploitation. The concern is that these vulnerable targets may be controlled by foreign adversaries wanting to compromise U.S. national security. Let's hope the government has given all the leaked vulnerabilities from the CIA and NSA to Microsoft, Intel, Apple and other cell phone manufacturers.
The close proximity of CloudRadium LLC to the nearby ICBM Command U.S. Air Force base leaves me a little more than concerned.