“The attackers initiated an operation to hunt down vulnerable public facing SMB ports and, once located, used the newly available SMB exploits to deploy malware and propagate to other vulnerable machines within connected networks”
I don’t get it. Who has public facing Windows file sharing? I used to do that from RIT’s Resnet when I didn’t know any better, but you’d think most people would be behind a firewall router. Is that something easily bypassed with UPnP? I’ve heard that feature is a security risk so I’ve always disabled it.
It doesn’t matter how, if anything manages to get a beachhead by being on your LAN, it can just broadcast to find routers, and without authentication, ask for traffic to be let into your LAN. Think of it. Ordinarily, to allow something into your LAN, you’d have to log into your router with sufficient privilege and alter the configuration to allow that traffic. With UPnP, your barrier is being able to connect to your LAN…that’s it.
As far as exposing hosts, why not? If you need to share (or receive) files, use a technology which facilitates that. There are probably a lot of better choices, like SFTP, because MS has a history of bug-riddled software. Probably not a whole lot of people do it, but I guess it would be possible to turn on SMB encryption to implement data integrity and privacy…don’t think it’s on by default.