It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Ransomware infections reported worldwide

page: 5
44
<< 2  3  4    6  7  8 >>

log in

join
share:

posted on May, 13 2017 @ 01:57 AM
link   
This ''attack'' is the US Government targeting specific systems with the same tools that Wikileaks has leaked information about.

this is the pretext for raiding the embassy and taking Assange.


This is why it targeted health and UK hospitals - people will die as a result of this attack.




posted on May, 13 2017 @ 01:58 AM
link   
a reply to: dianajune

What do you think these major hacks are intended to accomplish? Is it just some smart person in a club, attempting to earn more stars? Or, something more sinister and dangerous being tested.

Based on history, it's likely that most of the affected institutions will be back to normal soon, with no permanent damage done.

What kind of attack would cause loss of life, or financial losses?



posted on May, 13 2017 @ 02:12 AM
link   
It seems that my Big Chief Tablet prediction came sooner than that know it all quantum computer's threat models indicated.

There are just some things that are too awesome for words.



Buck

edit on 13-5-2017 by flatbush71 because: (no reason given)



posted on May, 13 2017 @ 05:30 AM
link   

originally posted by: subfab
a reply to: mirageman

i heard about this this morning.
i'm sure it will be a short matter of time before a resolution to the mess is developed.
question to anyone savvy with computers; if a personal computer gets attacked like this, will installing a fresh operating system clear it up?
wipe the hard drive clean and start over?


your best bet is have a clone hard drive and renew it once a month.
bombich.com...

I have a cloned SSD drive and if i was hit by Ransomware that corrupted my computer i can have it back up in less then 15 mins.
Then i can format the infected drive and turn it into a back up drive.
I also have a flash drive backup to cover 95% of the 30 days between cloning.
edit on 13-5-2017 by ANNED because: (no reason given)



posted on May, 13 2017 @ 06:14 AM
link   
a reply to: mr-lizard

There's a problem with some of that information, what I saw yesterday added ".WNCRY" at the end of the name, not ".WCRY", that's an older version.



posted on May, 13 2017 @ 06:18 AM
link   
a reply to: mirageman

All I can say is, it's about time. I remember budget meetings with idiots who didn't want to spend money to upgrade anything as long as the current system worked. Old, slow TTY terminals and DOS based 1st generation computers.

The worst sin was hooking dumb controllers to the local net so managers could look over engineers shoulders.

NASA running the space shuttle and other stuff on 8086 chips.

Proprietary software will bite you in the butt eventually.



posted on May, 13 2017 @ 06:44 AM
link   
a reply to: Bramble Iceshimmer

A lot of organisations do not run the very latest operating systems and versions of software as that can have it's own problems. But it seems the NHS in the UK still have a lot of systems running Windows XP. Which has been unsupported for a while now. How ironic that the UK National Health Service has been crippled by a virus because of underfunding.



posted on May, 13 2017 @ 06:59 AM
link   

originally posted by: fleabit

I have a low opinion of IT and IT workers, but stepping back from that for a moment... they do have a difficult job.


Curious why you have a low opinion of IT workers.. : )


Most who work on network policy are complete hypocrites who limit other employees internet use but give themselves free reign to do anything, because they're the enlightened. That's not the main reason though, the main reason is that IT portrays itself as white collar work, they act like engineers when they're really just blue collar auto mechanics.

I have met so many, for lack of a phrase technical hillbilly IT people, who pretend they're educated because they know how to push buttons on a machine (or plug cables in) and spout some technobabble that it sours me on the whole profession. I'm not saying it isn't honest work, I just dislike the personalities of just about everyone in IT.



posted on May, 13 2017 @ 07:02 AM
link   
a reply to: Arbitrageur

That's more a failure of software engineers, or more likely the marketing/business people who pay the engineers to build these things, and then sell them without fully understanding the consequences. While bad, I don't think it's fair to blame IT for that one.



posted on May, 13 2017 @ 08:19 AM
link   
a reply to: Arbitrageur

The problem is that web pages were never meant to be used like this, but people started demanding things from web pages that they could not do, so developers started changing the way browsers worked.

That's why we started seeing the use of ActiveX objects by Internet Explorer, it made it much easier to create web applications (the company where I work turned a VB6 program into a web version in two weeks), but by giving a lot of power to the browser.

That was the worst case, but things, from then, started getting more mixed up, so we ended up with browsers accepting all those "extras", like Flash and Java, that are now being ignored by the browser makers.

Then we have things like Facebook, that depend mostly on Javascript running on the browser, but even things like that are being replaced by purpose-built applications.



posted on May, 13 2017 @ 09:24 AM
link   
a reply to: fleabit

Its great that you got system restore to work. My experience has been the exact opposite. Either system restore is no longer working or the restore points have already been corrupted. System restore requires a restart - which in my opinion, is the last thing you want tot do if you know your computer has been compromised. if you fail to completely remove the virus you can bet its in deeper now than it was before.

The only issue I have with external drives as back-ups is that they are really no different than internal drives. They are always on when the computer is running. The data on an external drive will be encrypted too in the attack. That is why I use the hot swap drive bay. You can deactivate the drive without removing it making it invulnerable to the attack. Backing up the files is as easy as closing the drive bay locking lever and copying the files over. In my experience this has been the better choice. But, nothing is perfect. If your system is corrupted and you don't know it yet, chances are you will back up your files at some point and could back up the virus too. When your screen freezes and the ransom demand is made is usually not when the infection occurred. It is just when you became aware of it. These viruses usually take some time to trigger. Either on a specific date, after a certain number of keystrokes, whatever. That is why I think off-line back ups are best. The hot swap drive bay is the easiest and least expensive way to accomplish that and makes the back ups quick and easy to do.

You are definitely right when you said that people won't do their back-ups or any other maintenance if its not fast and easy. Its not fun sitting there listening to a hard drive click watching the little light flash, even if it can save all your data. Make it as painless as possible and people still have a hard time doing it but at least some of them try.
edit on 13-5-2017 by Vroomfondel because: (no reason given)



posted on May, 13 2017 @ 09:37 AM
link   
Here is some good news...

It looks like Microsoft has issued a security patch for this virus which they have extended to legacy operating systems all the way back to windows XP. The patch will fix the vulnerability in the operating system. The patch also fixes Defender which will now block the attack as well.

Of course, the sneaky bastages that write these viruses probably already have the next one ready to go but at least this one is now preventable. Update your PC's with the current security patches and you should be ok. And - back-ups never hurt...



posted on May, 13 2017 @ 09:37 AM
link   

originally posted by: ArMaP
a reply to: Arbitrageur

The problem is that web pages were never meant to be used like this, but people started demanding things from web pages that they could not do, so developers started changing the way browsers worked.
I'm not totally opposed to the idea of doing that, say for an internal application where the sales force logs in to the corporate VPN and they get trusted scripts running from their own company, then it's not such a bad idea.

When it turns in to a bad idea is when you start allowing scripts to run from any source anywhere, including those of ransomware developers and other criminals. That's a really dumb idea that can only lead to problems like those being reported in this thread and maybe worse. Maybe now if people in hospitals start dying from their lack of security they might start taking it more seriously, but it's sad if it had to become a life or death situation to get some attention.



posted on May, 13 2017 @ 09:50 AM
link   

originally posted by: Aazadan
a reply to: Arbitrageur

That's more a failure of software engineers, or more likely the marketing/business people who pay the engineers to build these things, and then sell them without fully understanding the consequences. While bad, I don't think it's fair to blame IT for that one.
I think you're missing the point I was making. If IT managers took a stand for security to not run untrusted scripts from untrusted sources, then the people you're talking about would be working on web applications that would work on those systems. But IT leaders made a decision to allow untrusted scripts from untrusted sources to run, so of course the legitimate software engineers take advantage of that, but so do developers of ransomware or whatever other malicious script they want to run because the web browsers are generally insecure and allow anybody's scripts to run.



posted on May, 13 2017 @ 09:56 AM
link   
Is it sad that my first thought was... this might help me land a job when I finish school soon..

IT system security..



posted on May, 13 2017 @ 10:05 AM
link   
Many of these issues happen because of of under-staffing / under-funding of IT at many levels. Since IT is considered overhead, instead of a 3 to 5% budget (of total revenue) they should get, they often get much less.. in some industries, a whopping 1% to 1.5% to work with. And it's difficult with that sort of money to effectively patch and maintain, let alone develop and grow your IT so its goals align with the companies goals. Same with developers. So MS for example, comes out with new versions of software -so- quickly (say.. IE), that developers don't have time to change their product properly to work with it, and IT at companies don't have the time to patch the systems now using an outdated software.

Java, Silverlight, Flash and other scripting software are often required for a great many 3rd party software that companies use. IT has to scramble to find alternatives to make it work, when browsers start shutting down the ability to use them. Companies don't have the time and money to change systems, IT doesn't have time to find working alternatives, software remains unpatched, systems are compromised. It boggles my mind that a company that makes, we'll say.. 100 million in a year, won't give their IT team 200k more to bring them to a good working budget, and instead have them limp along struggling to keep the company running, let alone advancing.

Almost every company I've been with, the IT team is almost always reactive, never proactive. They simply don't have the time and resources to be so. When a company grows to a certain point.. say, 30k plus employees, often the IT grows to a point and gets a decent enough budget to work with. Perhaps those companies grew to that size because they did give their IT a proper budget to begin with. : )

That's how I've seen it develop over the years. Companies often don't realize how integral IT systems are to their company succeeding, and instead give them a skeleton crew with a sad budget to work with and are surprised when things go wrong.



posted on May, 13 2017 @ 10:13 AM
link   

Its great that you got system restore to work. My experience has been the exact opposite. Either system restore is no longer working or the restore points have already been corrupted. System restore requires a restart - which in my opinion, is the last thing you want tot do if you know your computer has been compromised. if you fail to completely remove the virus you can bet its in deeper now than it was before.


I've almost never encountered that. If scorched-earth was going to happen anyway with that systems, might as well system restore to see if you can prevent it. I've recovered literally dozens of computers with system restore in say, 10 minutes.. vs. a rebuild that might take 1.5 hours. I've seen one well-made virus hit in the last 10 years, that forced a reboot and killed the restore points, and so that could not be done. The only other times it has not worked is when someone has rebooted many times.. working with an infected computer for days.. before coming to IT, and then you have to rebuild, because even if you system restore, many services have had their state changed, etc.. and it's not worth the effort trying to correct it. But I've saved countless hours of work with system restore for certain. I've also recovered many encrypted documents that way. Shadow copy rocks. : )


The only issue I have with external drives as back-ups is that they are really no different than internal drives. They are always on when the computer is running. The data on an external drive will be encrypted too in the attack.


Yup.. I should have added - keep that SSD somewhere safe when not plugging it in to back it up. I always have people keep it somewhere else, and only plug it in to back up your data. It doesn't help much to keep that USB SSD in your laptop bag, so when it gets stolen, you lose your backup as well. I had that exact scenario a couple weeks ago.. but the guy kept it in his extended stay hotel, and didn't lose his data.
edit on 13-5-2017 by fleabit because: (no reason given)



posted on May, 13 2017 @ 10:26 AM
link   

originally posted by: Aazadan Most who work on network policy are complete hypocrites who limit other employees internet use but give themselves free reign to do anything, because they're the enlightened. That's not the main reason though, the main reason is that IT portrays itself as white collar work, they act like engineers when they're really just blue collar auto mechanics.

I have met so many, for lack of a phrase technical hillbilly IT people, who pretend they're educated because they know how to push buttons on a machine (or plug cables in) and spout some technobabble that it sours me on the whole profession. I'm not saying it isn't honest work, I just dislike the personalities of just about everyone in IT.


I've not seen any reputable IT team exclude themselves from their own browsing policies, and create exclusions only for themselves. And most don't block Internet anyways - it's often pointless. The only thing I block is porn sites. I have warnings pop up for a few other types of browsing (hate-sites, weapons, drugs, etc..), but that's it. If you have an employee that is spending all their time browsing, you are not magically going to get them to work harder by blocking say, YouTube. Need to fix the source of the problem.. not try to block 99% of websites, it never works.

Also I guess you must mean level 1 and perhaps 2 helpdesk? Sometimes you get those types, but usually once someone has the smarts to learn something else beyond that, they are usually your normal perhaps somewhere more-geeky person, same as anyone else. I've rarely met a sysadmin, SharePoint adminstrator, DBA, programmer, whatever.. that were as you describe above. And some of those guys really -are- very smart. I've met some pretty brilliant people in the IT industry over the years. Sometimes a bit of ego accompanies their role.. but not usually, I don't see it very often.



posted on May, 13 2017 @ 10:28 AM
link   
a reply to: mirageman

Hello.......they've orphaned this story on our MSM propaganda outlets. Its Saturday so its golf, basketball or crappy politics.

I am guessing its about 4 or 5 pm in GB right now. Any updates you can provide? Are your Hospitals back up and running?

Thanks for any info.



posted on May, 13 2017 @ 10:39 AM
link   
IT Naive people make me chuckle.

NSA and CIA found holes in the Windows NT Core, they created a tool kit that targeted those holes.

A group of people came along and stole those tools from the NSA from a very secure server from within the NSA ( suspect an inside worker, similar to Snowden), those tools were handed off to a group called ShadowBrokers.

That ShadowBrokers group attempted to sell those tools on the Darknet a couple of years back but they got no buyer, so a couple of months ago they released them freely to the net - I have a copy of the toolkit, it has some pretty interesting reading material documents in them and even has the original source code to those tools and the tools them self. - you can find a copy of the tool kit on GitHub yourself - it is clean, but test it out in a VM just to be safe.

I said to myself "I wonder when people are going to take advantage of this toolkit..." and here we are, and let me tell you, what is happening now is nothing, that toolkit has over 20 different exploits and tools targeting many different holes in the NT system, it's not going to be good.

There you have it.

While some of the exploits have been fixed, and the toolkit itself is many years old, many places still use old (XP) systems for custom software, cheapness, and some people just do not update their systems etc etc, however even with an updated system your system can still be affected if your local network has a system that has been infected, it's bad because even newer (up to Windows 10) can be targeted also.




new topics

top topics



 
44
<< 2  3  4    6  7  8 >>

log in

join