Patch Lady – 31 days of Paranoia – Day 14

If you have a bit of time on your hands, take a stroll through the FBI’s most wanted for Cyber security attacks.  You’ll find Russian hackers targeting our elections as well as one gentleman who

is allegedly a North Korean computer programmer who is part of a state-sponsored hacking organization responsible for some of the costliest computer intrusions in history, including the cyber attack on Sony Pictures Entertainment, a series of attacks targeting banks across the world that collectively attempted to steal more than one billion dollars, and the WannaCry ransomware attack that affected tens of thousands of computer systems across the globe.

 

Park was alleged to be a participant in a wide-ranging criminal conspiracy undertaken by a group of hackers employed by a company that was operated by the North Korean government.  The front company – Chosun Expo Joint Venture, also known as Korea Expo Joint Venture – was affiliated with Lab 110, one of the North Korean government’s hacking organizations.  That hacking group is what some private cybersecurity researchers have labeled the “Lazarus Group.”  On June 8, 2018, a federal arrest warrant was issued for Park Jin Hyok in the United States District Court, Central District of California, after he was charged with one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer-related fraud (computer intrusion).

The NHS was impacted to an estimated 92 million pounds (assuming I have my monetary naming correct).  The disturbing concern of WannaCry was that most were impacted by the ransomware attack due to the fact that they had not installed updates to protect from the Eternal Blue exploit.  The patch was available but many had not yet installed it for various reasons.

Yet today we are in a position where many are concerned to patch as well.  Vendor drivers were inadvertently pushed out this week causing some to lose audio (1) and blaming patching as the root cause.  This is now the second such driver related issues with this month’s patching (Woody already posted about the first).  This still gets back to a root cause of loss of trust.  If we cannot trust our vendors, we will place ourselves in a position where cyber villains can get to us.

(1)https://answers.microsoft.com/en-us/windows/forum/all/windows-10-audio-stops-working-after-installing/5a541c88-89e1-4bf3-b356-2837d564b109
Earlier this week, Intel unintentionally released version 9.21.00.3755 of the Intel Smart Sound Technology (ISST) Driver through Windows Update, and inadvertently offered it to a range of devices running Window 10 version 1803 or 1809. If your device contained a compatible audio driver, the new driver overrode it and caused audio to stop working.