CHUD.com Community › Forums › POLITICS & RELIGION › Political Discourse › Global cyber attack.
New Posts  All Forums:Forum Nav:

Global cyber attack.

post #1 of 18
Thread Starter 
This is some scary shit. 74 countries hit. The US is next. Two London hospitals stop taking Emergency patients.

Cyber-attack hits 74 countries with UK hospitals among targets – live updates

https://www.theguardian.com/society/live/2017/may/12/england-hospitals-cyber-attack-nhs-live-updates?CMP=Share_AndroidApp_Copy_to_clipboard
post #2 of 18

So what's the recommended course of action then? Shut your computer down for the day?

post #3 of 18

We're all in poop city now.

post #4 of 18
Thread Starter 
Don't get really sick or break a leg for a few days. You might not be admitted and if you the hackers might steal your money.
post #5 of 18
Thread Starter 
Quote:
Originally Posted by Moltisanti View Post

We're all in poop city now.

Call McLane.
post #6 of 18
Quote:
Originally Posted by Headless Fett View Post

So what's the recommended course of action then? Shut your computer down for the day?
Well, A. don't fucking open strange attachments from unfamiliar email addresses. Just like 99% of other ransomware attacks, this one operates by assuming that every potential target has someone with no common sense who will open any damn thing they get in their email.

B. making sure your Windows install is up-to-date is also a good idea. Microsoft has already released a patch for this vulnerability, people just haven't installed it.

But mostly A.
post #7 of 18
Thread Starter 
Wtf? There's some poor soul in Hospital admin somewhere who's to blame for this?

I thought these days hackers could just attack, without someone opening an attachment.
post #8 of 18
Where that's possible, it's a lot harder. Much easier just to mass-spam the entire world and trust that every practice has a dear old granny working the front desk who will unwittingly unleash Hell, because 90% of them do.
post #9 of 18
My understanding is that todays virus is the kind that doesnt require an opened attachment.
post #10 of 18
Thread Starter 
Oh. Great.
post #11 of 18
That wasn't what I was reading in the coverage, but I could be wrong. In any case, definitely make sure you get the updates installed.
post #12 of 18

Yeah, they're saying it's from one of the NSA/shadowbrokers dumps.  So some sort of legit exploit.  But, as mentioned, most of were patched a while ago anyway, so I heard.

So it's a matter of not updating.  Guessing at a lot of the targets, I wouldn't be surprised if they were still running XP  (like the large supermarket chain I work for.  Fun times ahead!)

post #13 of 18
I looked into it some more and it sounds like its ability to spread without human intervention is limited to computers on the same local network. So offices are going to have a hell of a time with this, but they were going to anyway because every office makes all of their network shares totally accessible to everyone because whatever random software they're using breaks if it can't fondle c:\temp\temp.tmp on J. Random Workstation or whatever, but home users shouldn't have much to worry about if they exercise basic common sense and don't open freecandy.jpg.zip.exe from some random person they don't know.

Oh, and: thanks, WikiLeaks!
post #14 of 18

Some Krebs for further info

 

Quote:

An alert published by Spain’s national computer emergency response team (CCN-CERT) suggested that the reason for the rapid spread of Wana Decryptor is that it is leveraging a software vulnerability in Windows computers that Microsoft patched in March.

According to CCN-CERT, that flaw is MS17-010, a vulnerability in the Windows Server Message Block (SMB) service, which Windows computers rely upon to share files and printers across a local network. Malware that exploits SMB flaws could be extremely dangerous inside of corporate networks because the file-sharing component may help the ransomware spread rapidly from one infected machine to another.

 

 

https://krebsonsecurity.com/2017/05/u-k-hospitals-hit-in-widespread-ransomware-attack/#more-39343

 

It's early days but it looks like it did get in via email initially.  Which is something of a relief I guess.  What we're left with is why this sudden explosion?  That'll be interesting.

 

Telling people not to open attachments is such a hard lesson sometimes though.  In an office environment you can be strict.  But other people, it's so much tougher. My mum and her friends forward around glurgey cat slideshows and motivational messages like it's 2003 all the time and she's got caught once or twice.  The question becomes "I thought you just don't open unknown things from the bank?  Why would Jill send me something bad?".  And you have to explain that Jill might not know it's bad, or Jill might not even know at all, or it might not even be Jill.  There are tell tale signs if you know what to look for but when people are sending random stuff to each other all the time and all addresses are merely different kinds of meaningless gibberish to someone it's a hard problem.

 

As some security wonks pointed out, this thing 'going viral' is going to backfire in a big way.  Ransomware works by staying off the radar.  Plenty of these places have been paying off these types of attacks pretty regularly for a while.  But as long as it was just a couple of machines in  one little business or doctor's surgery or whatever it wasn't worth anyone's while to chase down whoever is getting the bitcoins in any one case.  The more sparse and individual the attacks the harder it was for law enforcement to build up solid picture too.  Now friggen' everyone is gunning for these guys.  Like, the entire world's security services at once.

post #15 of 18
Quote:
Originally Posted by Bluelouboyle View Post

Wtf? There's some poor soul in Hospital admin somewhere who's to blame for this?

I thought these days hackers could just attack, without someone opening an attachment.

 

There's always someone to blame in hospital admin for something.

 

Because they're awful.

 

Now as for the situation at hand.

 

"Today’s Massive Ransomware Attack Was Mostly Preventable—Here’s How To Avoid It"

 

http://gizmodo.com/today-s-massive-ransomware-attack-was-mostly-preventabl-1795179984

post #16 of 18

Quote:

Originally Posted by commodorejohn View Post


Well, A. don't fucking open strange attachments from unfamiliar email addresses. Just like 99% of other ransomware attacks, this one operates by assuming that every potential target has someone with no common sense who will open any damn thing they get in their email.

B. making sure your Windows install is up-to-date is also a good idea. Microsoft has already released a patch for this vulnerability, people just haven't installed it.

But mostly A.

 

That's common fucking sense at this point really. It's amazing how many people ignore that one.

 

Also, I updated my PC a few days ago so it looks like I'm safe.

post #17 of 18
post #18 of 18
Quote:
Originally Posted by Headless Fett View Post

That's common fucking sense at this point really. It's amazing how many people ignore that one.

So many people seem to only know, or are centered around facebook as "the internet" that I am not surprised attachment protocol is something they are ignorant of.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Political Discourse
CHUD.com Community › Forums › POLITICS & RELIGION › Political Discourse › Global cyber attack.