Leaked NSA cyber weapons continue to wreak havoc on the global business community. Just yesterday, the New York Times released a story speculating that the NSA was hacked, presumably with the same tools it uses to exploit its targets. Many of these exploits are only now beginning to be patched. Recent disclosures have shown that WiFi and Bluetooth have protocol-related vulnerabilities that render most unpatched computing devices and smartphones vulnerable to remote takeover via wireless drive-by attacks. If you haven’t already applied security patches to your smartphone and computing devices, the likelihood that they are compromised is high. Today is Patch Tuesday! It may be worth acting immediately rather than taking too long to deploy this month’s security patches.
I gave the keynote presentation at the Forensecure IIT 2017 conference earlier this year and disclosed that most Intel-based computing devices have a secret back door that is being exploited. In the week following my presentation, Intel corrected their earlier misstatements and said the vulnerabilities only impacted business equipment. (I doubted the accuracy of their earlier disclosure and have now been proven to be correct in my earlier findings presented at the conference.)
In the last week, news reports detailed that most recent Intel chips run the Minix operating system, which acts as a supervisory operating system on top of your computer (the secret back door). This impacts all major computing platforms. Exploitation of that obscure Minix operating system is now becoming more commonplace and better known as a result of NSA and CIA cyber weapons dumped onto the Dark Web.
What should companies be doing to protect their infrastructure in light of the recent compromises?
Companies like Google have begun efforts to remove or turn off the Intel ME (Management Engine) that is part of the Minix supervisory computer sitting on the Intel chipset. http://www.tomshardware.com/news/google-removing-minix-management-engine-intel,35876.html
Most organizations today should be moving to disable the Intel ME components on their computing platforms in order to secure their systems from attack. We will likely see many more massive cyber security breaches due to the myriad leaked secrets that are now starting to be incorporated into hacking suites used by security penetration testers and hackers alike.
If you are concerned that your organization may be at risk, you may want to give me a call or drop me an email! me at leeneubecker.com.