This is an interesting article in that it has been stated that the cyber attack in Ukraine came via this particular software update.....
Which actually flies in the face of confirmed actual hacking events that occurred shortly after a car bomb killed a UAF SOF COL of the military Intelligence...which for some strange reason has been largely glossed over by IT media and MSM media....
Family firm in Ukraine says it was not responsible for cyber attack
http://www.reuters.com/article/us-cy...technologyNews
NOTE"What has been established in these days, when no one slept and only worked? We studied and analysed our product for signs of hacking - it is not infected with a virus and everything is fine, it is safe," said Olesya, managing partner at Intellect Service.
"The update package, which was sent out long before the virus was spread, we checked it 100 times and everything is fine."
Little known outside Ukrainian accounting circles, M.E.Doc is an everyday part of life at around 80 percent of companies in Ukraine. The software allows its 400,000 clients to send and discuss financial documents between internal departments, as well as file them with the Ukrainian state tax service.
1. the update in question was sent out long before the attack
2. normally updates are tested on a variety of in-house computer systems in order to ensure there are not compatibility problems and if the malware was in the update it would have then triggered on at least one of those test systems....
3. does not explain just how then it spend to such companies as Maresk shipping that did not use the Ukrainian software....
4. AND more importantly the entire 400,000 customer base was not inflected if it had been the single update that was responsible....
MS really needs to explain just how this NSA exploit was able to spread so quickly even on MS machines that had the MAR 2017 security updates to hinder just such an attack...
There is far more to this attack than is being publicly written about....
Bookmarks