Originally published on June 19, 2017 on TechTarget. Alvaka’s COO and CISO, Kevin McDonald, examines the real-world damage caused by CIA and NSA data leaks, putting dangerous government cyberweapons in the hands of hackers.
WikiLeaks’ CIA data dump shook a lot of regular folks because it showed that the U.S. government can allegedly monitor not only social media, but inside cars, offices and homes through a variety of electronics. PCs; Macs; and iOS, Android and Windows phones are all potential targets. It revealed that internet of things devices, smart TVs, cameras, routers, switches and maybe even refrigerators are all vulnerable.
But this is not news, and it should be a matter of general knowledge by now. The specific techniques are coming to light, but no one should be surprised that the U.S. intelligence community had these hacking capabilities. Many think it’s great that this information has come out. I am not one of them.
The recent WannaCry ransomware attack is an example of the predictable damage to come from intelligence leaks. WannaCry leveraged a Microsoft Windows vulnerability and spread itself through the Server Message Block file-sharing protocol. Microsoft patched several of the zero-day vulnerabilities before the data was released by the Shadow Brokers. WannaCry provided a front-row view of what happens when organizations maintain and use zero-day vulnerabilities.
Why is WannaCry relevant to the NSA and CIA hacks? Because the vulnerability it leverages was attributed to the EternalBlue exploit released in a Shadow Brokers dump of alleged NSA exploits in May 2017.
The recent WannaCry ransomware attack is an example of the predictable damage to come from intelligence leaks.
This is just one example of what will likely be a tidal wave of advanced attacks as leaks continue from insider threats and outside hackers. I am confident that the NSA leaks and the massive amounts of CIA data released by WikiLeaks will impact American national security and global cybersecurity for some time…
Click here to read the full article on TechTarget.
Blog written by Kevin McDonald, COO & CISO – Alvaka Networks
Kevin B. McDonald is the chief operating officer and chief information security officer at Alvaka Networks. Kevin is a trusted technology and security practitioner and public policy advisor to some of America’s most influential people and organizations. He advises corporate executives, federal and state legislators, law enforcement, high net worth individuals and other business leaders. He is a sought after consultant, writer, presenter and trainer on the issues surrounding personal, physical and cyber security, compliance and advanced technology. Kevin has written for and been interviewed by dozens of national publications and on major television, radio and digital outlets.
Smoke testing is a term used to describe the testing process for servers after patches are applied. 
Estimating an average time for patching servers and PCs can be a bit tricky. It can vary from one month to the next, depending upon the number and complexity of the patches released by your software vendors. You must consider all versions of operating systems and have a complete inventory of all your application software to do this job correctly. Our experience has shown that manual patching of systems takes on average of about 1.5 hours each.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.