Bluekeep Attack: They're Not Worms

Bluekeepattack
https://pixabay.com/photos/cyber-security-cybersecurity-3480163/

The initial discovery of the Bluekeep security vulnerability ignited fears among many Windows users because of its wormable property. A lot of security experts thought that it might be the next security threat with an impact similar to the WannaCry and Notpeya worms. But now that the Bluekeep attacks are happening, the only noted effects so far are breaking into the Windows system and installing a cryptocurrency miner.

The U.K. National Cyber Security Centre first discovered the initial warning Bluekeep (CVE-2019-0708). It was described as having a wormable remote code execution property or something that can self-propagate within a network system. Since its discovery, Microsoft immediately released a patch on May 14 to inform users to update their unpatched systems, and a much more urgent warning was also released on May 30. Even the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory to warn all Windows users of the potential of Bluekeep to have a devastating impact. The Bluekeep vulnerability exists in pre-Windows 8 version of Microsoft Windows—that includes Windows Server 2003, Windows XP, Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2.

It's already happening

The Bluekeep attack is currently underway according to security researcher Kevin Beaumont who named the vulnerability and Marcus Hutchins, who was responsible for mitigating the WannaCry worm. It's wormable property was based on the fact that the attackers search for unpatched Windows systems that have Remote Desktop Services (RDP) 3389 ports exposed to the internet. Although it was initially feared it would wreak havoc, it was only noted to install a cryptocurrency miner after breaking into vulnerable Windows systems.

The threat remains

While it seems that we can already breathe from another major security attack, the threat remains. The attacks so far are happening on a small-scale, and the possibility of dropping a more malicious and devastating effect can still happen anytime. After all, cryptocurrency miners can even exploit your resources and can still be used to install the malware in your computers.

The thing is we can guard ourselves against this Bluekeep attack. As long as you update your Windows with the latest patches, then you are practically safe now from this looming cybersecurity threat. Security researchers are still on the hunt to mine the bigger consequences of this, but as end-users, it's our responsibility to protect ourselves from any attacks by installing the latest updates to fix the problems that we have right now.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics