Two Years Later And Still Unpatched…18k+ ESXi Systems Still At Risk

June 7, 2023

“Playing with fire” is one way to put it when software security patches don’t get applied. That’s the case with around 18,500 users of VMware’s ESXi virtual systems who have yet to apply an essential security patch. VMware released the patch two years ago after a critical flaw in ESXi was discovered. It’s believed the Russian-linked hacking group, LockBit, is behind ransomware attacks on the still unpatched ESXi systems.

Patch Power

A Cyphere director views attacks on unpatched ESXi systems this way: “It has already been used to target computer systems in multiple countries and, if left unchecked, could lead to the loss of data and financial resources. Additionally, it could allow malicious actors to gain access to confidential information and potentially cause disruption to critical systems.” For the unpatched, ransomware may be just the first of many malware infections to follow.

Software patches fix everything from simple flaws to monumental security risks, as the unpatched ESXi victims show. Finding flaws is so important that many companies offer bug bounty programs with lucrative rewards for flaw-finders. The goal of finding a vulnerability is to create a security patch and make it immediately available for use before the flaw is exploited by hackers.

Sorry About That…

Although not officially named by authorities, LockBit is a top suspect behind the ESXi ransomware strikes. But there’s one attack now linking the word “infamous” to LockBit’s name…

Late last year, LockBit set ransomware loose on SickKids hospital in Toronto, Canada. The attack affected the level of care, making many hospital services unavailable to their patients. Two days later, the hacking group reached out to the hospital, saying “We formally apologize for the attack on sikkids.ca and give back the decryptor for free…” Flickers of conscience like this one will remain rare events.

As the unpatched, exposed ESXi systems show, not updating software is a security risk. There’s a lot to lose when security patches don’t get applied or get delayed, and that’s especially true when hackers know the vulnerabilities exist. Remember, don’t wait to apply software patches, whether it’s at home or at the office.








