Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Ransomware Outbreak.

  1. #1

    Default Ransomware Outbreak.

    http://www.abc.net.au/news/2017-05-1...ations/8523102

    A piece of ransomware caused some major damage it has managed to hit hospitals, now I must say despite the damage it has caused, It's fucking impressive. but concerning obviously the people who managed to pull this off must be very smart xD.

    That being said, supposedly it was done using an exploited NSA tool, personally windows itself is a insecure piece of garbage, but we are all forced to use it as it's "the main OS in used on desktop computers".

    That being said, It is a dick move to attack hospitals and highly unethical.

  2. #2

    Default



    Quote Originally Posted by Binary View Post
    That being said, It is a dick move to attack hospitals and highly unethical.
    Completely logical 1) Go where the money is 2) Take the most tearjerking, pathetic hostages available. Nobody dares refuse.

    I doubt hospitals were specifically targeted though.

  3. #3

    Default

    In addition to Norton virus protection I have Malware Bytes installed. The latter notified me today that I was protected, though the article that I read stated that if you had installed your March Windows updates, your were covered as well.

  4. #4

    Default

    I know it's harsh, but if a large scale organization can't simply wipe and restore from backup in this kind of situation and has to actually pay to get their files back.. they deserve what they get.

    This is basic disaster recovery 101. Have backups, have procedures to mitigate interim impact when systems go down, and have a restoration procedure that you've tested and can quickly implement. It's understandable that a lot of individuals don't have backups and can be exploited in this way, but any company large enough to have an IT department aught to have their shit together.

  5. #5

    Default



    Quote Originally Posted by Kenn View Post
    In addition to Norton virus protection I have Malware Bytes installed. The latter notified me today that I was protected, though the article that I read stated that if you had installed your March Windows updates, your were covered as well.
    The ransomware itself was a new variant released yesterday. The main way it propagates is via a worm, which was patched last March. It also infects computers on a local network via SMB and RDP.

    But the NHS still use Windows XP. Even if a patch was released to them as part of their 5.5 million a year support contract, it probably takes more than two months for it to be tested and rolled out.

    Strangely, the ransomware contained a kill switch. It would check whether it could connect to http://www.iuqerfsodp9ifjaposdfjhgos...wrwergwea.com/. If not, the infection would start, otherwise it would exit. A security researcher found that the domain hadn't been registered, so bought it, set up a simple website, and it appears to have stopped all new infections of the ransomware. Weird.

  6. #6

    Default

    I understand most if the infections were through opening spam.
    Never open spam or strange email without sandboxing it

  7. #7

    Default

    Stock reminder: don't use unsuported software (if you need to sandbox it), keep stuff patched. This botnet uses vulnerabilities that where patched in March.



    Quote Originally Posted by tiny View Post
    The ransomware itself was a new variant released yesterday. The main way it propagates is via a worm, which was patched last March. It also infects computers on a local network via SMB and RDP.

    But the NHS still use Windows XP. Even if a patch was released to them as part of their 5.5 million a year support contract, it probably takes more than two months for it to be tested and rolled out.

    Strangely, the ransomware contained a kill switch. It would check whether it could connect to http://www.iuqerfsodp9ifjaposdfjhgos...wrwergwea.com/. If not, the infection would start, otherwise it would exit. A security researcher found that the domain hadn't been registered, so bought it, set up a simple website, and it appears to have stopped all new infections of the ransomware. Weird.
    Frankly the NHS should have updated away from XP ages ago. It's just going to cost them more and more the longer they wait.

    As for the killswitch, it's not necessarily that odd since this was potentially an NSA-developed malware that got leaked. You gotta believe the next version won't be so trivially turned off though.

  8. #8

    Default

    The ironic thing is they believe the attack originated from Russian gangs, and it is Russia that was hit the hardest. The other thing that delighted me is that India was hit hard. I still get phone calls from some idiot from India telling me I have viruses on my Windows. One time I told him I would take care of it by cleaning my windows with Windex.

  9. #9

    Default



    Quote Originally Posted by Near View Post
    Frankly the NHS should have updated away from XP ages ago. It's just going to cost them more and more the longer they wait.
    Apparently (I haven't heard any actual reference to a credible source yet), some of the software would cost millions to rewrite. Apparently things like MRI scanners have Windows XP drivers... or something.

    Anyway, if the think the NHS using XP is bad... check out this:
    http://www.popularmechanics.com/mili...un-windows-xp/


  10. #10

    Default



    Quote Originally Posted by Binary View Post
    That being said, supposedly it was done using an exploited NSA tool, personally windows itself is a insecure piece of garbage, but we are all forced to use it as it's "the main OS in used on desktop computers".
    It's quite reasonable to be pissed at Microsoft for security vulnerabilities, but if by "insecure piece of garbage" you mean to imply that the alternatives are innately more secure, you're fooling yourself. In practice, the alternatives appear more secure because "nobody" (= a small number of people, relatively speaking) uses them. The hackers will be where the users are, not where they aren't. If, over night, the world switched from Windows to Mac OS or some Linux distro, it wouldn't be long before the software engineers there were caught with their pants--and diapers, and possibly epidermises--down. It would be a catastrophe, I'm quite certain. As the owner of a Mac and several other devices running non-Microsoft OSes, I'd like to think that when the engineers at Microsoft's competitors hear people say that Windows is an "insecure piece of garbage," they do more than just grin and nod. Hopefully they look for and patch similar holes in their own products. Hopefully it reinforces for them that developing software with security in mind is super important. I'm pretty sure that's not always the case, though.

    Microsoft has been getting beaten up in the press for security issues since the Blaster / Slammer / I love you / Anna Kournikova debacles of the early 2000's, and as a longtime developer of Windows software who's watched Microsoft's responses to these things, I don't doubt that a great deal of progress has been made toward changing the security mindset of the people working on the affected projects. But you're talking about software projects with literally billions of lines of code and "only" thousands of developers. Microsoft's Windows team could have written air-tight code for the last decade, and most of the code in the product would still predate it. Ad hoc code reviews and code analysis tools can help, but in the end it's still a bit like telling a city's police department that there's a general emergency and to secure the city. Mmmmm... yeah.

    For better or worse, the world is run by code now, and code can reasonably be assumed to be buggy, no matter who it comes from. The code you run will always seem like the buggiest, and the code everybody runs will always seem like the least secure. Run away if you must, but you'd better hope that nobody follows you.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
ADISC.org - the Adult Baby / Diaper Lover / Incontinence Support Community.
ADISC.org is designed to be viewed in Firefox, with a resolution of at least 1280 x 1024.