The WannaCry ransomware attack took the world by surprise a few weeks ago, spreading to more than 300,000 computer systems around the world in a matter of hours. The virus, believed to have been created by hackers with ties with North Korea, used a Windows vulnerability that was first devised by the NSA and made public after the agency suffered a digital breach. The US government cautions that a similar attack might be just around the corner, thanks to a different vulnerability.
The US Department of Homeland Security announced the vulnerability, Reuters reports, urging users and administrators to update their computers.
The security issue could be exploited to infect more than 100,000 computers that run vulnerable versions of Samba, a networking software for Linux and Unix, according to cybersecurity company Rapid7.
Most of these computers are running older versions of the software, and can’t be patched. Furthermore, most computers belong to home users, although some of them are registered to companies and organizations.
Apparently, hackers would need just 15 minutes to develop malware that exploits the vulnerability. In theory, they could build a virus as viral as WannaCry, but to spread as quickly the malware would need an extra step from attackers, Rapid7’s Rebekah Brown told Reuters. The researcher also said that 12 hours after the disclosures, there are no signs of hackers exploiting the vulnerability.
WannaCry targeted mainly computer systems belonging to businesses or governmental organizations, taking advantage of a security hole that allowed it to infect all the computers in a network without the user’s knowledge or interaction. The attack came months after an NSA server was raided by hackers, who then shared their findings with the world.