[AusNOG] Something else to be worried about

Matthew Smee matthew.smee at sydney.edu.au
Mon Jun 26 09:26:57 EST 2017


While I certainly agree with the sentiment around patching systems, for my curiosity, how does your opinion change if the same exploits (e.g. EternalBlue, DoublePulsar) were used by parties as a true 0day and before Microsoft patched it?

I believe the point of the article was that we have intelligence agencies hoarding critical-level 0day exploits and the consequences of this go beyond some enterprise losing productivity for a while - instead we're talking about planned or incidental attacks that can also affect infrastructure and hospital networks. There are consequences of the existence of these, especially when they're leaked to the world.

How would we all feel if someone started sabotaging hospitals on a physical level? Disrupting power or transport networks without hacking?
Anyway I'll go back to my popcorn...

-Matt

-----Original Message-----
From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Chris Knight
Sent: Monday, 26 June 2017 9:06 AM
To: James Hodgkinson <yaleman at ricetek.net>
Cc: ausnog at ausnog.net <ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Something else to be worried about

Howdy,

Yep, especially when you're hit by a remote code execution exploit that had a vendor patch released 6 weeks prior to pwnage.
Instead of the CIO complaining to politicians about how poorly he does patch management he'd be better off spending his time improving his processes.


On 25 June 2017 at 14:11, James Hodgkinson <yaleman at ricetek.net> wrote:
> "I spent a million bucks buying things to sign off on a list and still 
> allowed an uncontrolled device to send SMB via VPN to my network".
>
> Doesn't matter how much shiny vendor-tin you buy, process failure's 
> going to get you every time.
>
> James


--
Regards,
Chris Knight