Cyberattack still idling Pennsylvania Senate Democrats

On Friday the Pennsylvania Senate Democrat's computer systems were infected with ransomware. Apparently they are still shut down.

Law enforcement is investigating. The ransom demand has not been revealed. They have not said if this was politically motivated or if someone just clicked the wrong link or opened the wrong email attachment. Ransomware can be used to steal information. Or, it is sometimes just a scam to get a ransom payment in exchange for a code to unlock a system.

Ransomware can be devastating. The choices are usually to pay the ransom or completely restore all OS from scratch. The first motivates the criminals to continue and can also leave your information exposed. The second can be extremely time consuming and expensive.

I personally know of a couple of businesses that were hit with ransomware. One paid the ransom. The second took months to recover and ended up rebuilding their entire network.

Senate Democrats in Pennsylvania Are Being Held Cyber-Hostage

Cyberattack still idling Pennsylvania Senate Democrats

Fascinating subject. I hope the culprits are caught but if they were able to infect the PA Senate Democrat's network they must be pretty crafty at what they do and also have ways to cover their tracks.

I wonder the reasoning behind that specific target, or if it was simply an exposed vulnerability and looked like easy pickin'

Side note: I wonder if a ransomware attack on the right computer network could tank the stock market or have other enormous catastrophic effects on an entire country (globe even?)

Quite often the ransomware software is buggy and use naff versions of encryption methods as they don't know how to actually code it themselves and just copy & paste some code and hope it will work.

The left really sucks at cyber security.

DNC hacks,Podesta emails,Clinton server, and now this.

The other thread reminded me of something way back during my bittorrent years.

And how many BANKS,corporations, business's, and government agencies I saw on my connection list.

They must have deleted all their backups to hide all the corruption I guess.

a reply to: BlueAjah

AKA "Cryptolocker"

Best case scenario: One is able to remove the cryptolocker but loses all files cryptolocked.

I'm an old computer geek.

I have seen people that ran businesses and had "zero" backups of their data and lose their only server. Zero backups. The point I want to make is people lose their data all the time because it becomes inaccessible. Far more from bad luck than a hacker. Backups are just a hassle.

But let me help you with that. Your data comes in a few parts.

1. The Operating system you access your data from
2. The documents and files that are your data
3. The programs install on your OS.

1. Number one can easily be taken care of with a free program. I have often used "Macrium Reflect" to backup the OS partition. You can backup your OS partition while you work on it. I'm lazy and don't back up that often. Maybe once every six months and I keep a backup history of around 3 of them. But if my drive ever dies I can restore the OS from an image MUCH quicker than I can reinstall said OS via install and patching.

2. I use Veracrypt to store my files in encrypted files that become volumes (you can also encrypt volumes or the OS if you wished). You have to mount the encrypted file as a drive letter in Windows. Instead of worrying about backing up select files I just copy that 25 gigabyte file and like the OS I keep several dated dated files scattered around, just in case. If somebody steals one what do I care because it has a very high level of encryption on it. Good luck. Real hard to backup a single file every couple months or so.

3. For the programs I have mostly switched to "Portable apps". I keep these on encrypted veracrypt volumes also. Things like equipment credentials in there. There again, who cares if somebody gets hold of it with my long complex password protecting it. Most of my needs can be satisfied by portable apps (LibreOffice vs MSOffice, Gimp vs Adobe Photoshop, etc). If I need an installed program, it just gets backed up with the OS partition.

I would lament my beloved computer if it died. I built it with great care and 30+ years of computer wisdom. I will not worry one iota about my data though. If it became compromised I'd grump at having to restore the image. But having data irreproachably gone ain't gonna happen.

For the truly creative you can use virtualbox on your workstation and have your whole OS, programs and files stored in one file and you can back that up. Guess what, I encrypt these also. Not hard. If somebody steals it I do not care. It's not hard to backup one file every now and then.

originally posted by: neo96
The left really sucks at cyber security.

DNC hacks,Podesta emails,Clinton server, and now this.

The other thread reminded me of something way back during my bittorrent years.

And how many BANKS,corporations, business's, and government agencies I saw on my connection list.

I am here to tell you the government generally sucks at cyber security. So do businesses. I'm not talking about some small piece of ignored, stuck in the closet, government institution. I'm talking about places which have money and should know better.

The problem is the people that get entrenched into these places. Vanity oh lord, vanity. Then those people hire folks just like themselves. Confident bull#ters mostly (Why does Obama come to mind). Then you have problems. America is in deep trouble cyber security wise. A 9 -5 guy will never, ever, ever, compete with somebody that is passionate and eats, breaths, and lives code. The guy who would grind himself into the mud for the satisfaction to crack a complex problem from bragging rights. What we have is 9 - 5 wannabe's protecting our infrastructure.

Hmmmm... This nation is in trouble technically, financially, socially, and spiritually. Huston we got problems.

a reply to: Apollumi

Zero backups? Wow. I did not think anyone could be that incompetent.

Daily backups, rotating, including off-site, are absolutely critical.

originally posted by: chadderson
a reply to: BlueAjah

AKA "Cryptolocker"

Best case scenario: One is able to remove the cryptolocker but loses all files cryptolocked.

Exactly.
Trend Micro claims to have protections against cryptolocker. There might be other providers that claim this.
But backups of data are the only true way to protect yourself, because if it gets in, expect to have to format, reinstall everything, and restore all files.

Of course there are proactive precautions: educate users; maintain a good firewall with good rules; have very good virus protection; keep software up to date; only give users the minimum of permissions to exactly what they need, including not giving them admin access to their own PC unless they really need it, etc.

But no matter how careful you are, the threats are out there. Those that spread these threats are getting more and more devious and creative. One major issue we have had recently is with the emails of OTHER companies and individuals getting hacked - then our users get emails from people they trust, and then trust clicking that link or attachment. It is really hard to fault people for falling for that kind of thing.

I can see how a high value target like the government is going to face constant threats.

originally posted by: BlueAjah
a reply to: Apollumi

Zero backups? Wow. I did not think anyone could be that incompetent.

Daily backups, rotating, including off-site, are absolutely critical.

Honestly that was back in the day. I have seen something very close to no backups though. Zerto vm replication is not a backup. If I can't hold it in my hand and bury it in a mason jar (metaphor for the technically dense) I don't care for it. Amazon skinned their knee recently from that little trip they had. The cloud is nice but don't count on it to save you. You need several levels of backup with several levels of speed of recovery.

How many people do you know actually test their VM and data backups regularly. For most it is nice to talk about having those backups but they don't verify the backups are usable. I have seen this a lot. It takes man hours and competence to run an IT shop correctly. For many companies it hurts their head to think about and accountants would thank god their lives were so simple. Or, you hire a bunch of dot indians on H-1B visa.

a reply to: BlueAjah

Maybe the cyber attack is being staged in place of say investigations being conducted/deleting files?
Maybe files are sorted for delivery onto the interwebs?
Maybe the eye of corruption deserves an hematoma?

originally posted by: neo96
The left really sucks at cyber security.

DNC hacks,Podesta emails,Clinton server, and now this.

The other thread reminded me of something way back during my bittorrent years.

And how many BANKS,corporations, business's, and government agencies I saw on my connection list.

I think the should just stop using computers and go back to letters sent through the pony express.