So uh, this happened. Cyber attack. Everyone got rekt.
http://www.reuters.com/article/us-britain-security-hospitals-idUSKBN18820S
tl;dr: Some organizations like FedEx, along with some hospitals in the UK, were apparently hampered by this attack, called "ransomware", with the latter even having to turn away patients because of a glitch in the computer system.
idk, I just felt like posting about it.
tl;dr: Some organizations like FedEx, along with some hospitals in the UK, were apparently hampered by this attack, called "ransomware", with the latter even having to turn away patients because of a glitch in the computer system.
idk, I just felt like posting about it.
Comments
Not me. I only manage Linux systems. Got silly things like SA-00075 and the like to worry about.
That is, until my personal life and these 3rd party systems that are owned intersect. Good times.
These people send out emails or website links or something to get a user inside the company to download and install a file. Once that's installed on that computer, it encrypts all of the drives on that computer and displays a message on screen that you will have to pay a sum to a random bank account in order to get the decryption key, and trust me, there is no way to decrypt that drives without the key. You might as well throw the computer away.
The major problem comes with that computer has mapped network drives on it that go back to folders on a server. As the program starts encrypting drives, it hits the network drives and encrypts everything on the server as well, then you're royally screwed because all of your company server files are encrypted and you have to either pay the ransom or load from backups (if you have them). Most companies just pay it because it's cheaper, it's generally around $20,000 or so.
This is going to become very, very common in the future just because of how easy it is to deploy and how critical this information can be to most companies.
https://askubuntu.com/questions/914623/microsofts-wanna-cry-ransomware-possible-impact-on-linux-users
Curious if this really was developed by the NSA, or if that's just a popular rumor. For now, I'll inclined to believe the latter, but wouldn't be surprised either way.
This stuff has been happening for a few years now with ransomware. We've been hit by it 3 or 4 times because most computer users have no clue what they're doing.
All i wanna know is....can i still play Mario Kart 8 online?
Yes. Unless Nintendo's servers get hit by a Blue Spiney...
"It'll never happen to us."
What makes this worse is a security patch was released 2 months ago for supported OS's.
The problem this morning, at least, is that China is getting hit hard. There, piracy of Windows is common, so they wouldn't have been entitled to the patch, since AFAIK, it was only released as part of Windows update.
What makes this worse is a security patch was released 2 months ago for supported OS's.
The problem this morning, at least, is that China is getting hit hard. There, piracy of Windows is common, so they wouldn't have been entitled to the patch, since AFAIK, it was only released as part of Windows update.
That's their fault for using pirated OS's that couldn't receive the update. People know the risks of running illegal software, so that's all on those people.
What makes this worse is a security patch was released 2 months ago for supported OS's.
The problem this morning, at least, is that China is getting hit hard. There, piracy of Windows is common, so they wouldn't have been entitled to the patch, since AFAIK, it was only released as part of Windows update.
That's their fault for using pirated OS's that couldn't receive the update. People know the risks of running illegal software, so that's all on those people.
Completely agree! There could be keyloggers, backdoors, etc. in the pirated versions too.
What makes this worse is a security patch was released 2 months ago for supported OS's.
The problem this morning, at least, is that China is getting hit hard. There, piracy of Windows is common, so they wouldn't have been entitled to the patch, since AFAIK, it was only released as part of Windows update.
That's their fault for using pirated OS's that couldn't receive the update. People know the risks of running illegal software, so that's all on those people.
Completely agree! There could be keyloggers, backdoors, etc. in the pirated versions too.
Yep! A lot of the ISO's are rooted
You won't get rid of cyber terrorism.
This stuff has been happening for a few years now with ransomware. We've been hit by it 3 or 4 times because most computer users have no clue what they're doing.
Yeah until people stop paying the ransoms. It's not terrorism, they don't give a crap about scaring anyone, they just want money. If people didn't pay they wouldn't do it. The crooks in this case are outside of jurisdiction but they could always start shooting the people who pay the ransoms.
You won't get rid of cyber terrorism.
This stuff has been happening for a few years now with ransomware. We've been hit by it 3 or 4 times because most computer users have no clue what they're doing.
Yeah until people stop paying the ransoms. It's not terrorism, they don't give a crap about scaring anyone, they just want money. If people didn't pay they wouldn't do it. The crooks in this case are outside of jurisdiction but they could always start shooting the people who pay the ransoms.
It is terrorism. It costs millions in labor to recover this shit from backups, reimage servers (which means reconfiguring the hell out of them and the software they serve, even worse for domain controllers, SQL servers, and Exchange Servers), restoring massive file shares, recreating the entire days work all over again, and so on. Just because lives aren't lost (though, with the malware targeted specifically for nuclear power plants, i.e., Stuxnet, it's entirely possible) doesn't mean actual damage can't be done. What if the MRI machines went haywire while someone was in it? There's PLENTY of things on the internet that can cause fatalities in the real world these days.
Terrorists don't care except to push their agenda, too. It seems you're restricting terrorism to where physical harm is done rather than digital disasters.
If they didn't pay it, and your cell phone and internet went out for a week because of it, I don't think you'd be a happy person.
Originally posted by: avatar!
I agree with dra600n. I would call it "cyber terrorism" rather than the vernacular version of "terrorism" which typically involves crazy ideological murder. Such software spreads panic and fear, which in turn "forces" people to pay money. That is certainly terrorism.
Yeah, it's cyber terrorism for sure. I thought that would be assumed given the topic But terrorism in cyber space can lead to physical harm (imagine if they hit the grid and millions lost power - people on oxygen in their homes would be in real danger), or in this case, the fact MRI machines are on obsolete operating systems (who knows what else is as well due to the mandatory need to keep a system active). The lines are already getting blurry in regards to the separation of the terms.
Production code is often times a mess, and won't work properly on updated OS's. Some of these software suites become so essential to business operations, and a lot of times the developer closes up shop, so they can't just upgrade to a compatible system.
Why do you think the cost is only a few hundred rather than a few thousand? It's at the price where people with no options will opt to pay the ransom because they can afford it, or operations that need immediate restoration (such as hospitals, cable providers, phone providers, etc.)
If they didn't pay it, and your cell phone and internet went out for a week because of it, I don't think you'd be a happy person.
The thing that I think is interesting is that supposedly this worldwide attack has only garnered them around $50k per account, across maybe 3 or 4 accounts, total.
That is a pretty low submission rate for people giving in to the bad guys.
But what I also find funny is that the bad guys in this scenario think that the average person that finds themselves susceptible to this kind of attack is somehow going to have the understanding and wherewithal to go send them bitcoins.
I'm sure the majority of people who were affected didn't even know what bitcoins were.
Most small businesses don't have the money, time, or desire to spend on decent IT. I mean, a local business of about 20 or so employees isn't going to spend the time and money to set up a NAS with an application server to externalize applications and the data along with it to reduce chances of data loss (A lot of places bigger than that don't even go that far). Most small businesses don't even set user permissions correctly on a network, much less backup their data on a relatively regular schedule.
or in this case, the fact MRI machines are on obsolete operating systems (who knows what else is as well due to the mandatory need to keep a system active).
A LOT. When I was interning for a Healthcare management service around here, one of the hospitals I had to go to were ordering new computers from the manufacturer with XP still installed because the company that sold this specific program never had a reason to modernize their code.
I can't remember the exact price, but one license to the program pre-installed onto a device was well over 3k.
You won't get rid of cyber terrorism.
This stuff has been happening for a few years now with ransomware. We've been hit by it 3 or 4 times because most computer users have no clue what they're doing.
Yeah until people stop paying the ransoms. It's not terrorism, they don't give a crap about scaring anyone, they just want money. If people didn't pay they wouldn't do it. The crooks in this case are outside of jurisdiction but they could always start shooting the people who pay the ransoms.
It is terrorism. It costs millions in labor to recover this shit from backups, reimage servers (which means reconfiguring the hell out of them and the software they serve, even worse for domain controllers, SQL servers, and Exchange Servers), restoring massive file shares, recreating the entire days work all over again, and so on. Just because lives aren't lost (though, with the malware targeted specifically for nuclear power plants, i.e., Stuxnet, it's entirely possible) doesn't mean actual damage can't be done. What if the MRI machines went haywire while someone was in it? There's PLENTY of things on the internet that can cause fatalities in the real world these days.
Terrorists don't care except to push their agenda, too. It seems you're restricting terrorism to where physical harm is done rather than digital disasters.
No people get killed in regular crimes, robberies, etc all the time. It's just not terrorism because terrorism is terrorizing for political or ideological gain. Holding something ransom (unless you are doing for the purpose of terrorizing for ideological / political gain instead of the money) just isn't terrorism