Subject: BS: Giant Hack of Everybody From: Mrrzy Date: 13 May 17 - 03:54 PM So, what do we think/know about the ransomware thing these last few days? Here is a google news search for it... |
Subject: RE: BS: Giant Hack of Everybody From: Senoufou Date: 13 May 17 - 04:43 PM It's weird isn't it Mrrzy? I can't understand how they did it, or why. Apparently no-one has given in to their demands, and most of the NHS here in UK is 'up and running' once more, thanks to a myriad of IT workers frantically addressing the problem. It could have put lives at risk through delays in blood test results, accessing patients' medical records and so on. It's worrying that it was so easy to do, in spite of (one would hope) strong safeguards. I'm the most non-savvy person on the planet when it comes to technology, but even I realise that if this can happen, nothing is safe. |
Subject: RE: BS: Giant Hack of Everybody From: DMcG Date: 13 May 17 - 04:44 PM |
Subject: RE: BS: Giant Hack of Everybody From: Senoufou Date: 13 May 17 - 04:57 PM Haha DMcG!! They seem to have gobbled up your post! |
Subject: RE: BS: Giant Hack of Everybody From: DMcG Date: 13 May 17 - 05:23 PM And it was quite long! Cant be bothered to retype it; many factors - use of XP one - cant easily upgrade because many systems developed ad hoc and on the cheap so developers not around - example of one i wrote around 2000 with 1 other person total cost around 8k - so lots of systema never teated on anyrhing except xp. If pc runs 10 systems but one a problem cant upgrade anything All business have similar problem but NHS at th extreme.end of cpmplexity - how to justify spending £x on IT upgrade vs reducing waiting list. Another problem common to all businesses is people doing too many jobs - errors and oversights matter of time Thàt's around one tenth of the original but i think most "bullet points" are in there |
Subject: RE: BS: Giant Hack of Everybody From: Mrrzy Date: 13 May 17 - 06:07 PM One of the newspaper stories about it (music reference!) says it was only stopped by accident... and how do we know it was an NSA-id'd weakness, and why didn't they fix it once the NSA told them about it, and did the NSA actually tell them about it, and if they didn't, can everybody sue the NSA? |
Subject: RE: BS: Giant Hack of Everybody From: Stilly River Sage Date: 13 May 17 - 06:25 PM Microsoft sent out a patch covering this a while back. The companies hit didn't install the patch. |
Subject: RE: BS: Giant Hack of Everybody From: Will Fly Date: 14 May 17 - 03:32 AM As far as the NHS is concerned, there are two major problems with its computer system(s). One is that, over the years, different practices and authorities have developed their individual systems without reference to each other. Two is that, notoriously, the chief executives or equivalents who sign these systems off don't understand how well they actually function. Government computer systems have often been poor because the powers that be believe what they're told by the companies charged with the work. My wife suffered for many years working, or trying to work, with computer problems at our local health centre. To compound the problem, when faults arose, the hardware supplier would blame the software supplier - and vice versa. Training was also inadequate. Trying to make a multiplicity of health units computers communicate efficiently with each other has been almost impossible. When we were asked by our health centre, some years ago, whether we wanted to opt out of our medical records from years back being put on to the computer system, we both said "yes". |
Subject: RE: BS: Giant Hack of Everybody From: JHW Date: 14 May 17 - 05:14 AM I've had emails pretending to be from folks I know but the after @ bit being something else. Message is only ever a link which obviously I don't investigate. Never knew the purpose of these but assumed it was roguery. |
Subject: RE: BS: Giant Hack of Everybody From: Jack Campin Date: 14 May 17 - 05:21 AM Meanwhile, Yandex doing the same things in Hungary: https://444.hu/2017/04/17/data-protection-agency-investigates-govt-sending-personal-data-of-hungarian-citizens-to-russia http://hungarianspectrum.org/2017/04/14/hungary-has-no-secrets-from-russia-the-strange-story-of-the-yandex-capture-code/ |
Subject: RE: BS: Giant Hack of Everybody From: Jack Campin Date: 14 May 17 - 05:23 AM ...argh, that was meant for the "Ocean, Trump and Brexit" thread. Different kind of computer-mediated criminality. |
Subject: RE: BS: Giant Hack of Everybody From: Mrrzy Date: 14 May 17 - 10:57 AM Still interesting, if slightly off-thread! And it wasn't an accident that stopped it, it was an accident that the backdoor was left so they COULD stop it. Brill 20something! |
Subject: RE: BS: Giant Hack of Everybody From: Donuel Date: 14 May 17 - 11:10 AM The Microsoft patch has wiped my preferences and forces me to see their app sale, their news, their preferences, their desktop. MS givith and taketh away. |
Subject: RE: BS: Giant Hack of Everybody From: Thompson Date: 14 May 17 - 01:36 PM It was particularly nasty to target hospitals; and it was particularly political to target a socialist health system… |
Subject: RE: BS: Giant Hack of Everybody From: Jack Campin Date: 14 May 17 - 01:42 PM It wasn't the socialism they targeted. It was the sleazy leeches in the IT-outsourcing companies who were too cheap to to pay to have their crappy systems updated. |
Subject: RE: BS: Giant Hack of Everybody From: ripov Date: 14 May 17 - 07:25 PM It has made nearly everyone install a specific patch from MS, even those like meself who keep update turned off. (still on W7) And blaming XP should do MS's sales of W10 a power of good. Just Sayin'. Although (and this is a personal opinion that I've had argy-bargy over)if the medical records system didn't need internet access (for the "Working for the NHS" cowboy outfits), and had its own fibre network, it would be much more secure. I don't understand how anyone could consider a system that anyone can access, a "secure" system. I just hope the NHS (and all the rest that got caught)have up-to-date backups. |
Subject: RE: BS: Giant Hack of Everybody From: Mrrzy Date: 14 May 17 - 07:44 PM So they say 100 countries were hit - I'm not sure I could NAME 100 countries. No, that is not an invitation to name all the countries, I got wiki too. |
Subject: RE: BS: Giant Hack of Everybody From: BobL Date: 15 May 17 - 03:05 AM Has any other XP user tried to install this patch? All I could find on the MS website was a zipped DLL file, and I don't know what to do with it. BTW I also use W10 and - for legacy and self-written DOS stuff - W98. |
Subject: RE: BS: Giant Hack of Everybody From: Senoufou Date: 15 May 17 - 04:07 AM Forgive my cynicism, but could it be possible that a major company that provides protective software (if that's the right word) has done this deliberately in order to sell something like the 'patch'? It's certainly made huge organisations re-think their security, and one imagines they'll be buying into extra technology to prevent this happening again. Could be very profitable for the vendors. |
Subject: RE: BS: Giant Hack of Everybody From: JHW Date: 15 May 17 - 05:57 AM I still get occasion updates for XP. Always a malicious software removal tool, the detail beyond my understanding. I wont be buying any W10 or anything else from MS as they played silly buggers with this XP suddenly deciding it was not genuine and turning things off. No way to challenge them. Had to get it reloaded. And I still like my full size screen. |
Subject: RE: BS: Giant Hack of Everybody From: Jack Campin Date: 15 May 17 - 08:05 AM Good point here (dunno if it can be seen outside Facebook): https://scontent.xx.fbcdn.net/v/t31.0-8/fr/cp0/e15/q65/18451473_1031152163686370_5953572155616834474_o.jpg |
Subject: RE: BS: Giant Hack of Everybody From: JHW Date: 15 May 17 - 11:23 AM I just got a blank page (gave up Fb some time since) |
Subject: RE: BS: Giant Hack of Everybody From: Mrrzy Date: 15 May 17 - 05:05 PM It's official. I can't name 100 countries without looking some up. Can any of you? I've started a document... no posting anything here. |
Subject: RE: BS: Giant Hack of Everybody From: Senoufou Date: 15 May 17 - 05:19 PM Well, I can, but only because I can reel off the 54 countries of Africa, which gives me a head start. Then the 28 of the EU, 12 of S America, 5 of Scandinavia and... the UK! I still can't understand why, how and by whom this catastrophe was engendered. |
Subject: RE: BS: Giant Hack of Everybody From: Mrrzy Date: 15 May 17 - 09:24 PM The UK I count as one country... and I cheated slightly, in that I went to the World section of the WashPo and looked at headlines. I don't apparently know all the countries in Africa, quelle horreur ! But I got over 100. Am still trying for the 150 it's apparently up to now... |
Subject: RE: BS: Giant Hack of Everybody From: Stilly River Sage Date: 15 May 17 - 10:30 PM Much of the world is using pirated Windows software so it doesn't receive updates and patches like paid-for versions receive. They were clobbered because they had the problem that Microsoft patched back in March. Or they had good OSs but hadn't updated them for some reason. |
Subject: RE: BS: Giant Hack of Everybody From: Joe Offer Date: 16 May 17 - 12:54 AM Wikipedia says Windows XP came out in 2001, and "mainstream support" ended in 2009. "Extended support ended in 2014, but I think that Microsoft has put out a few patches since 2014 to handle serious vulnerabilities. But is it reasonable to expect Microsoft to keep updating XP and keeping it invulnerable forever? And as for Windows 10, can we reasonably expect it to remain free from vulnerabilities if we do not accept the free updates that Microsoft provides? Yes, I've had problems with a few updates, but Microsoft has always come up with a "fix" very quickly. If you have software and you don't accept the updates, I think you're asking for trouble. I know there are lots of conspiracy theories that paint Microsoft as some sort of evil demon, but I don't believe the theories. -Joe- |
Subject: RE: BS: Giant Hack of Everybody From: Senoufou Date: 16 May 17 - 04:05 AM I too count the UK as one country. That means 54+28+12+5+1+100. If it's gone up to 150, then I'm stumped! I saw on BBC News yesterday evening that several countries gave in to the hackers' demands for money, and had their systems restored. In my view, that's utter madness. One should never give in to blackmail like that; it only gives them a sense of control and encourages them to do it again! The BBC interviewed some patients who had had their operations cancelled. It was heartbreaking; one young woman was waiting to have her leg amputated (not as an emergency) and was actually being prepared in the operating suite when it was halted and she was sent home. Another man was awaiting an urgent prostate biopsy, which was deferred for two weeks. He could have cancer. Another woman had her chemotherapy stopped (breast cancer) I do admire all the IT technicians working tirelessly throughout the night to get things restored. But this must not happen again. |
Subject: RE: BS: Giant Hack of Everybody From: Mr Red Date: 16 May 17 - 04:41 AM According to the Telegraph (so it must be true!) the IT worker who found how to switch off the ransom demand leaped and jumped like a child when he spotted the solution. The hacker(s) left a backdoor to switch it off. It involved a domain name that didn't exist, so he bought it. And it switched off the block. Now this story (call me cynical) was a big one so: 1) what stories did it bury on the world news scene? 2) did it divert attention from other scams/viruses/trojans. Let's face it, trawling for data is probably more lucrative and not being visible is more useful. 3) did this virus delete/overwrite other malware - Trumprussia ie. 4) who launched it, if no-one collected money, and it was relatively easy to switch off? 5) was the virus/worm a proof of concept, brace yerselves fer the next one! 6) It hasn't hurt sales of AV or Win 10, just repeating that. |
Subject: RE: BS: Giant Hack of Everybody From: Mrrzy Date: 16 May 17 - 10:46 PM Senoufou, y'en a 108, but I'm still under 30 in Africa. Does Antarctica have any countries? Also, don't neglect the ones that aren't on any continents, really. But back to the thread: Am I the only person that thinks that if you're using pirated software, you get what you pay for? |
Subject: RE: BS: Giant Hack of Everybody From: DaveRo Date: 17 May 17 - 01:07 AM ...if you're using pirated software, you get what you pay for? And in this case it would be the users of the pirated software who suffered. But malware can also spread malware, and spew spam, by establishing botnets. In that case we all suffer. So for major vulnerabilities Microsoft sometimes issues patches for XP and other out-of-support systens. Microsoft has come out of this well IMO. The NSA not so - they can't even keep their own secrets. Nor the British tabloids who named the young security researcher who said he wanted to remain anonymous. As for people who can't be bothered to keep their Windows OS up to date, they're being antisocial. |
Subject: RE: BS: Giant Hack of Everybody From: Mr Red Date: 17 May 17 - 03:18 AM The NSA not so - they can't even keep their own secrets. STOP PRESS well look who they got for their ultimate boss! What secrets is he keeping or not? It is a scary place out there. |
Subject: RE: BS: Giant Hack of Everybody From: Senoufou Date: 17 May 17 - 02:01 PM (Sorry for this thread drift) Mrrzy, have you been to the quiz site 'Sporcle African countries'? You can go on there and type in the countries until the clock runs out. It then shows which ones you missed. It has lots of different quizzes like that (I'm doing US States and their capitals at the moment) It keeps my old brain oiled. (Well, in theory anyway!) |
Subject: RE: BS: Giant Hack of Everybody From: Joe Offer Date: 20 May 17 - 06:51 PM PC World (click) says Microsoft has released a new patch to combat Wannacry ransomware. It works on Windows XP, Windows Server 2003, and Windows 8. |
Subject: RE: BS: Giant Hack of Everybody From: Mrrzy Date: 21 May 17 - 02:32 PM Thanx Eliza... I will check it out AFTER i think of 150 on my own. |
Subject: RE: BS: Giant Hack of Everybody From: Mr Red Date: 22 May 17 - 06:20 AM If I remember correctly the Linux community were all up in arms about a virus/worm that was launched by "Unknown" that sought-out servers and anyone on-line that had not installed a particular security patch and installed it! In concept a brilliant but 1) it may have cut across bespoke s/w, audit trail & methodologies therein. 2) it may have been collecting data for, as yet, undocumented vulnerabilities. 3) brilliant, but bad PR. |
Subject: RE: BS: Giant Hack of Everybody From: Andrez Date: 22 May 17 - 08:08 AM Ahem, one too many h's in the PC World url posted above Joe. Cheers, Andrez |
Subject: RE: BS: Giant Hack of Everybody From: DaveRo Date: 22 May 17 - 11:42 AM You may have heard of Mirai - an exploit that turns Internet of Things - IoT - devices, particularly webcams, into a botnet. Somebody wrote an exploit called BrickerBot that permanently disables - "bricks" - them. A vigilante worm. Don't buy an internet-connected fridge or cooker! Meanwhile there is a new exploit called EternalRocks which uses 7 of the leaked NSA tools - WannaCrypt used a mere two. And some polititions advocate back doors in encryption! Turns out it was mainly Win 7 machines affected by WannaCrypt, so it was people who didn't install updates. Perhaps some if them were avoiding Win 10. Win 10 itself is not vulnerable to these exploits. Perhaps NSA hasn't had its Win 10 hacks stolen yet. |
Subject: RE: BS: Giant Hack of Everybody From: leeneia Date: 22 May 17 - 12:37 PM It's sad to think of hospitals and businesses putting their clients at risk by using software which hasn't been updated in years. |
Subject: RE: BS: Giant Hack of Everybody From: Mrrzy Date: 05 Jun 17 - 09:29 PM OK, off topic I know, but I am finally up to 140 countries. No using maps. |
Subject: RE: BS: Giant Hack of Everybody From: Senoufou Date: 06 Jun 17 - 02:33 AM Bravo Mrrzy! |
Subject: RE: BS: Giant Hack of Everybody From: Stilly River Sage Date: 07 Jun 17 - 12:24 AM This is related - in the context of the past election cycle. https://www.pastemagazine.com/articles/2017/06/how-the-trump-russia-data-machine-games-google-to.html If it can happen in this way, it can happen any way. |
Subject: RE: BS: Giant Hack of Everybody From: Mr Red Date: 07 Jun 17 - 05:01 AM Brexit gave us the clue about mis-usuing Goggle & Farcebook, but the Trumpetting had already got underway by then. |