Surfer stops ransomware attack

[pwd72s]

Well done, young man, well done!

https://www.yahoo.com/news/expert-foiled-u-k-hospitals-115818173.html

[id10t]

And here at the college ITS is going nutz trying to push out the update to thousands of computers. Coworkers are *****ing because for forced restarts NOW not in 5 minutes, won't even bother saving any work in progress.

And I'm sitting at my desk, working away on my Linux systems, giggling about it all.

[intakexhaust]

The $ is in business insurance against cyber attacks

[sammyg2]

Quote:

Originally Posted by intakexhaust

The $ is in business insurance against cyber attacks

Until you had to pay.

What would keep customers from intentionally becoming "victims" just to get a payout?

[intakexhaust]

sammy ^Please, we're talking the business of insurance. Ever hear of very fine print?

Anyways, some insight from Oct 2016.
Will Cyberinsurance Replace Security? Cisco, Palo Alto On Alert | Stock News & Stock Market Analysis - IBD

[rwest]

I got to think at some point large companies will just go off the Internet for internal business- maybe separate computers one with company software and records, the other for working with the outside world.

I keep my HVAC computer control systems off the Internet so the constant security updates that used to make the propriety software stop working because the companies don't keep updating their software to keep in step. No Internet no hack. System works "forever."

[RKDinOKC]

Companies tend to get more and more lax until something gets in.

[JackDidley]

So, this malware comes in a email ?? What do I look for in the title ? I have not read about it. I normally use linux but I do boot Windows once in a while so I guess I should make sure I delete it.

[RKDinOKC]

It has a bunch of different titles and formats, you are wanted to open an attachment. What makes it so dangerous is once a computer is infected it spreads itself on the local network as well. Besides encrypting your computer and backups.

[JackDidley]

OK, thanks. I may have gotten it and deleted it already. I am pretty careful about that.

[RKDinOKC]

Microsoft also recommends go to install/remove programs and turn off SMBV1. It is an old version and is what the virus uses to spread around the network.

[JackDidley]

I just looked at my email. Nothing from anyone I dont know. Some in the spambox but I never open anything there. I should be safe anyway. I boot my old Vista laptop from time to time just to keep it going and I use some car tuning programs on the XP partition of this one on rare occasions. Mostly just to reset the service reminder on my Cayman lately. Not much tuning foing on these days.

[svandamme]

Quote:

Originally Posted by rwest

I got to think at some point large companies will just go off the Internet for internal business- maybe separate computers one with company software and records, the other for working with the outside world.

Security is always a trade off between security, cost, function and practicality.

Going off the internet, for better or for worse might have worked for this worm.
But for other virusses, it would not.

This worm only propagated over the network after somebody inside clicked it.
Hence the back end computers for the most part stayed online and very few servers got encrypted.

But if you go offline completely, and close off the internet completely
For one thing your employees will loose ability to look up things online.
For better or for worse, it has a business use, and also helps for morale.

Take that away, and you probably will have people come up with usb sticks. To have some music to play or take work home in the evening..
And yes, you can lock that down as well, if you really want to. But all that locking down comes at a cost for IT management. And these days companies see IT as a cost not something to get ROI on.
Or the virus will come in via laptops, smarthphones, you name it.. there is always a way The only safe pc is one without a network card and without any kind of other connections.. (wifi, floppy, usb, bluetooth)
But that pc will automatically be very, very limited in functionality.

For the most part companies are quite safe, if they run a good antivirus, have a good firewall and have workstations that are up to date on the latest patches.

That's where this one got through, those infected by the worm, for the most part were running XP or embedded XP.. which is out of support and did not have a patch for this vulnerability yet (MS did bring one out now for the occasion).

So if you run old crap on your production pc's, and the OS is unsupported , no longer being updated for known vulnerabilities, then really you are to blame if you get infected.

[widebody911]

https://theoutline.com/post/1536/uk-tabloids-doxxed-the-hero-hacker-who-stopped-a-global-cyberattack

[GH85Carrera]

Quote:

Originally Posted by svandamme

Security is always a trade off between security, cost, function and practicality.



So if you run old crap on your production pc's, and the OS is unsupported , no longer being updated for known vulnerabilities, then really you are to blame if you get infected.

We have a couple of old Win XP computers here. One only runs a photogrammetric scanner that we paid close to 70 grand for 15 years ago. It works fine and a replacement is insane money and film is going away anyway. It will never be replaced. We run a commercial anti-virus program on every computer in the office and they are all updated as soon as possible.

We have two Win 2000 computers. One is dedicated to run an old SCSI RAID. We have not had any issues with viruses mostly because the employees are all smart enough to never open a suspicious email.

[djmcmath]

Quote:

Originally Posted by svandamme

Security is always a trade off between security, cost, function and practicality.

In my office, there's no USB devices of any kind (unless specifically approved by corporate, which includes a short list of nearly obsolete mice and keyboards), no device of any kind which communicates wirelessly (cell phones, any Bluetooth enabled thing, like fitbits and similar, smart watches, and so on), anything which is capable of recording audio or video, and so on.

On the network side, all of our traffic goes through one of a tiny handful of firewalls. The internet policy is basically "deny all, with some exceptions," and all data gets passed through a strict filter. While that breaks a lot of internet functionality and means that work internet is 90's-era slow, it means we almost never have security problems.

[vash]

i hope he uttered something witty when he hit the send button..

like: "surfs up brah"

[vash]

and he is a surfer..by hobby? i dont get it. he identifies as a surfer?