CISA Prepares For Another ‘WannaCry’ Incident: Says Something Big is Coming to The Entire Cyber-Space

According to Assistant Director Jeanette Manfra of the Cybersecurity and Infrastructure Security Agency (CISA) – A Division of the US Department of Homeland Security, there is an impending cyberattack of an even greater magnitude than the ‘2017 WannaCry Attack’ to be expected within the next few years.

As a branch of the Department of Homeland Security (DHS) focused mainly on cybersecurity, CISA becomes wholly in charge of protecting and increasing the security of critical government networks by means of collaborating with the private sector on a global scale. And as such any threat within the aforementioned jurisdiction falls under the responsibility of the agency. 

Just last week at the TechCrunch Disrupt in San Francisco, California, following a statement by Manfra who analyzed the current situation of cyberspace to be at a very vulnerable state. Elaborating further, the former Senior Counsellor to the Secretary of the DHS highlighted on the uncertainty of preventing such attacks in the near future but also emphasizes on the readiness of the department in the event of such occurrence. Stressing yet on the ‘WannaCry Attack’ she said;

“I don’t know that we could ever prevent something like that, we just have something that completely manifests itself as a worm. I think the original perpetrators didn’t expect probably that sort of impact.” 

Nonetheless, she also added that;

“Updating your patches would have prevented a good quantity of individuals from being a sufferer.”

The Bluekeep Glitch

All of these statements about a worldwide ransomware attack comes as a warning against a looming loophole in Bluekeep, which was detected a few months back. The ‘Bluekeep’ terminology was coined by another cybersecurity expert – Kevin Beaumont in a tweet, as it often leads to a Blue screen when exploited.

The Bluekeep glitch is a “wormable” vulnerability that was first reported sometime in May on Microsoft’s Remote Desktop Protocol (RDP) that allows for remote code execution. This bug was initially believed to be present in all unpatched versions of the NT-based Windows ranging from Windows 2000 through Windows Server 2008 R2.

While the much newer versions such as Windows 7 and all other versions upwards to Windows 10 were prone to the ‘Dejablue’ flaw. Subsequently, this error could compromise over a million internet-connected gadgets from all over the world that are connected and susceptible to Microsoft’s BlueKeep.

Although Bluekeep shares similar characteristics to other wormable viruses such as the NotPetya and WannaCry bug, all of which are capable of creeping into weak computer systems on a broader network. And given that the Bluekeep bug allows for remote access from unlicensed third-party agents, it is only a matter of time before ‘Black hackers’ exploits this vulnerability.

Notwithstanding, the Expert Cybersecurity Analyst – Manfra guarantees that extreme measures by the governments of multiple nations are underway to help manage such incidents if and when it happens.