13

Rant considering the latest Cyber attack and the news around it.

(A recap: a lot of Windows computers were infected with ransomware (due to security hole on Windows), which demanded 300$ in bitcoins to unlock data. After 3 days the price would double, and after 7 days the data was to be deleted)
1) In our country, one of the biggest companies was attacked (car factory). The production stopped and they got for around 1 000 000€ damage in less than 24h (1300 people without work). The news said that they were attacked because they are such a big company and were charged more, as the hackers "knew who they were dealing with" - another reason being the fact that the text was in croatian (which is our neighbor country), but noone realized that it is just a simple google translate of english text - which is obviously not true. The hackers neither know nor care who is hacked, and will charge everyone the same. They only care about the payment.
2) In UK whole (or large part) of medical infrastructure went down. The main thing everyone was saying was: "Nobody's data is stolen". Which, again, is obvious. But noone said anything about data being deleted after a week, which includes pretty much whole electronic medical record of everyone and is pretty serious.
And by the way, the base of the ransomware is code which was stolen from NSA.
All that millions and millions of dollars of damage could be avoided by simply paying the small fee.
The only thing that is good is that (hopefully) the people will learn the importance of backups. And opening weird emails.
P.S. I fucking hate all that 'hacky thingys' they have all over the news.

Comments
  • 10
    Wannacry is a worm, so it doesn't spread itself via email. It scans the network for vulnerable targets, then installs itself on that host and repeats.
  • 4
    @penguin but it got started on these networks through compromised email attachments. At least that's my understanding of the situation.

    And thankfully it's not the whole of the NHS, but any of the system is too much for a service like that.
  • 6
    But the problem is that Microsoft released the security patch for the SMB vulnerability in March... It would of limited spread if companies applied it.
    I don't know about anyone else but for me we apply security updates straight away via WSUS. Sounds like those companies need to update their risk management plans....
  • 5
    1. No files will be deleted. What will be deleted is the encryption key from the hackers' servers that was used to encrypt the files.
    2. The best thing is to actually NOT pay the relatively small sum of money that the hackers blackmail you, as this is what feeds their business. It is naturally understandable that people are willing to pay when their not backed up holiday or baby photos are at stake to be lost forever.
    3. The hospitals are using old versions of Windows, like XP, Vista or 8.1. I read in the news today that a guy with a connection to one of the British hospitals that were attacked said that the hospitals are good but the IT infrastructure is old and outdated and they had had four outages in the last couple of months. Because IT is not important, right?
    4. The antivirus company Bitdefender (whose users by the way are completely protected) will release a tool soon that will enable users to hopefully recover their encrypted files.

    Just my 4 cents.
  • 1
    If you leave your doors unlocked, don't complain when you get your shit stolen...
Add Comment