
Name Security Vulnerability Eternal Rocks


Question:

Discuss About The Name Of The Security Vulnerability Eternal Rocks?

 

Answer:

Introduction

EternalRocks is a serious and very dangerous piece of ransomware that has generally been identified as the next evolution of the earlier WannaCry family of ransomware. Like WannaCry, EternalRocks may encrypt the files of the hosts it infects; however, it is said to be stronger than its predecessor, which had many operational loopholes and was therefore easier to slow down and even circumvent (Trend Micro, 2017). In light of this new threat, the profile below analyses the risks it poses and gives a detailed account of the systems it attacks, as well as its exploitation and mitigation procedures.

Systems that are attacked

Discovered by a Croatian ICT expert named Miroslav Stampar, EternalRocks operates like any other worm: its propagation relies on flaws in the SMB protocol, i.e. the so-called EternalBlue flaws (Paganini, 2017). SMB (Server Message Block) is a file-sharing protocol used by Microsoft Windows systems to transfer files (data) over networks. The protocol is mostly used at the application layer, where it serves as a presentation protocol for the transferred data. Therefore, given the protocol that the ransomware exploits, this threat targets Windows systems only, i.e. servers and PCs that run Windows operating systems.

EternalRocks also seems to hold a deeper malicious intention, as it lies dormant in machines awaiting future instructions that could 'weaponise' it. In essence, unlike WannaCry, which deliberately encrypted files or infected machines with malware to form botnets, EternalRocks in its newly discovered form infects machines and awaits commands that could activate it in the future (Microsoft, 2017). Furthermore, it lacks an all-inclusive kill switch like the one used to mitigate the WannaCry attacks, which further increases its severity. In addition, EternalBlue (the Microsoft Windows vulnerability) has a 24-hour delay timer for its activation, which has increasingly frustrated efforts to study and understand the malware.

Attack procedure

First and foremost, the threat (EternalRocks) disguises itself as the old and controllable WannaCry worm. As a result, the mitigation procedures applied are focused on ransomware attacks, while the infected computers are compromised and used to power other background attacks, which may not necessarily include ransomware attacks (Paganini, 2017). Furthermore, EternalRocks is based on the NSA's hacking tools: it uses seven of the exploits leaked in the past by the Shadow Brokers (a group of black hats). These exploits include EternalBlue, EternalRomance, Architouch and DoublePulsar, among many others. According to the researcher's findings, the malware downloads a series of these exploits onto the host machines and then uses the infected computers to explore the internet for unprotected SMB ports.

These exploits may serve the common purpose of compromising the affected systems; however, they do not all operate in the same way. For instance, DoublePulsar is used to implement network capabilities based on its networking exploits. Architouch, on the other hand, is primarily used as a reconnaissance tool for SMB ports. EternalRocks, however, focuses heavily on the EternalBlue exploits, using the following attack procedure:

First, a vulnerable system with an open and unpatched port is identified. This step is executed randomly across the internet or against a particular network targeted by the attackers.

Activation of the remote code is done using the EternalBlue exploit.

A DoublePulsar doorway is uploaded into the infected system; this doorway is used for subsequent attacks.

A payload carrying the actual infection is uploaded through the back door created using the DoublePulsar exploit. This payload may be ransomware or even a botnet worm that can effectively hide from the visible system.

Finally, an extension code that replicates in other systems is introduced, which helps the attack continue on its own without human intervention. Essentially, it is this last step that makes most attacks dangerous, as they can infinitely replicate themselves into many other connected systems (Cylance, 2017).

At an operational level, this attack procedure may seem too vague to understand, which is why the practical procedure identified by the threat researchers is needed. In their attempt to understand the threat, they used a honeypot containing the Windows SMB exploits, which yielded the following results. First, EternalRocks downloaded a Tor web browser to the infected system; this step was achieved using the UpdateInstaller.exe malware plus .NET parameters. The web application was then used to connect to the C&C (command and control) server, which is usually hosted on the Tor network. Finally, the attack procedures were delayed by 24 hours in order to avoid the mitigation procedures implemented for other similar attacks, i.e. sandboxing mitigation techniques (Paganini, 2017).

Mitigation procedure

One thing stands out in this analysis: unprotected, i.e. unpatched, ports. The risk this vulnerability poses to any organization is exponentially high, as so many attacks can be conducted once the exploits identified above are used successfully. For one, an organization risks losing control over its systems, as they can be accessed remotely. Secondly, the same organization's systems (machines) can be used as a botnet, lowering their productivity and, in the process, making them partake in illegal activities. Finally, consider the back door opened by the EternalRocks threat, through which other attacks such as ransomware can be used to exploit the users. These risks outline the serious threat faced by organizations that lack the necessary mitigation procedures, which in this case means patched systems: system administrators should install the necessary system revisions introduced by Windows itself. Furthermore, the same organizations should protect their network ports using all the necessary security procedures, i.e. access control, firewalls and intrusion systems, among others (Trend Micro, 2017).
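One way an intrusion system could cover the scanning behaviour described above, in which infected machines explore the internet for unprotected SMB ports, is to flag internal hosts that contact many distinct external addresses on TCP 445 in a short window. This is an added example, not part of the original essay; the flow-record format, internal address range, window and threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime
from ipaddress import ip_address, ip_network

SMB_PORT = 445                        # SMB over TCP
INTERNAL = ip_network("10.0.0.0/8")   # assumption: the organization's address space
WINDOW_S = 300                        # assumption: 5-minute sliding window
THRESHOLD = 4                         # assumption: distinct external peers before alerting

# Constructed flow records, one per line: "timestamp src dst dport"
SAMPLE_FLOWS = """\
2017-06-01T09:00:00 10.0.0.5 10.0.0.20 445
2017-06-01T09:00:10 10.0.0.7 198.51.100.11 445
2017-06-01T09:00:12 10.0.0.7 198.51.100.12 445
2017-06-01T09:00:15 10.0.0.7 203.0.113.40 445
2017-06-01T09:00:21 10.0.0.7 203.0.113.41 445
2017-06-01T09:00:30 10.0.0.8 198.51.100.11 443
2017-06-01T09:01:00 10.0.0.9 198.51.100.11 445
2017-06-01T09:20:00 10.0.0.9 198.51.100.12 445
2017-06-01T09:40:00 10.0.0.9 203.0.113.40 445
2017-06-01T10:00:00 10.0.0.9 203.0.113.41 445
truncated line
"""

def parse_flows(text):
    """Return (time, src, dst, dport) tuples, skipping malformed lines."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            flows.append((datetime.fromisoformat(parts[0]), ip_address(parts[1]),
                          ip_address(parts[2]), int(parts[3])))
        except ValueError:
            continue
    return flows

def smb_fanout_alerts(flows, window_s=WINDOW_S, threshold=THRESHOLD):
    """Map each internal host to the time it first reached `threshold`
    distinct external peers on TCP 445 inside the sliding window."""
    recent = defaultdict(deque)           # src -> (time, dst) pairs still in window
    alerts = {}
    for ts, src, dst, dport in sorted(flows, key=lambda f: f[0]):
        # Only outbound SMB matters here: internal source, external destination.
        if dport != SMB_PORT or src not in INTERNAL or dst in INTERNAL:
            continue
        q = recent[src]
        q.append((ts, dst))
        while (ts - q[0][0]).total_seconds() > window_s:
            q.popleft()
        if str(src) not in alerts and len({d for _, d in q}) >= threshold:
            alerts[str(src)] = ts
    return alerts

if __name__ == "__main__":
    for host, when in smb_fanout_alerts(parse_flows(SAMPLE_FLOWS)).items():
        print(f"{when.isoformat()} {host}: outbound SMB fan-out, investigate")
```

Given the 24-hour delay reported above, flow records should be retained for longer than a day so that an alert can be traced back to the connection that preceded it.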

 

Conclusion

Reflecting on the analysis conducted so far by researchers worldwide, the EternalRocks threat as a whole seems to infect global systems without any form of distinction, which clearly places it on the international technology security scene. Furthermore, as with other cyber-attacks, the threat requires renewed legislation that could potentially cover the exploits and vulnerabilities used by the perpetrators. In essence, the current legal system (at an international level) may lack the necessary tools to deal with the problem. However, in terms of mitigation procedures, the patches offered by Windows could serve as sufficient control procedures, as they prevent the attacks before they happen. Nevertheless, the stated exploits should be eliminated from future systems altogether.

 

References

Cylance. (2017). Threat Spotlight: EternalBlue Exploit Breeds EternalRocks Malware. EternalRocks. Retrieved 09 August, 2017, from: https://www.cylance.com/en_us/blog/threat-spotlight-eternalblue-ransomware-eternalrocks-worm.html

Microsoft. (2017). Microsoft SMB Protocol and CIFS Protocol Overview. Windows Dev Centre. Retrieved 09 August, 2017, from: https://msdn.microsoft.com/en-us/library/windows/desktop/aa365233(v=vs.85).management

Paganini, P. (2017). Expert founds EternalRocks, a malware that uses 7 NSA Hacking Tools. Cyber warfare. Retrieved 09 August, 2017, from: https://securityaffairs.co/wordpress/59355/malware/eternalrocks-malware.html

Trend Micro. (2017). EternalRocks Emerges, Exploits Additional ShadowBroker Vulnerabilities. Cybercrime and digital threats. Retrieved 09 August, 2017, from: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/eternalrocks-emerges-exploits-additional-shadowbroker-vulnerabilities


Cite This Work


"Name Security Vulnerability Eternal Rocks." My Assignment Help, 2018, https://myassignmenthelp.com/free-samples/name-security-vulnerability-eternal-rocks.
