Global Ransomware attack happening today
Ransomware has been a global plague for years, but today it hit a new peak.
There have been reports of infections in the UK, US, China, Russia, Spain, Italy, Vietnam, Taiwan and others.Security researchers are linking the incidents together.
One cyber-security researcher tweeted that he had detected 36,000 instances of the ransomware, called WannaCry and variants of that name."This is huge," he said.
Another, at cyber-security firm Kaspersky, said that the ransomware had been spotted cropping up in 74 countries and that the number was still growing.
What is unusual about this outbreak is the victims. We aren't talking about grandpa and grandma here, but major institutions.
The UK's National Health Service (NHS) was also hit by a ransomware outbreak on the same day and screenshots of the WannaCry program were shared by NHS staff.
Telecoms giant Telefonica said in a statement that it was aware of a "cybersecurity incident" but that clients and services had not been affected.
Power firm Iberdrola and utility provider Gas Natural were also reported to have suffered from the outbreak.
...
Another firm that confirmed it had been caught out was delivery company FedEx.
"Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware," it said in a statement.
Bitcoin wallets seemingly associated with the ransomware were reported to have already started filling up with cash.
"This is a major cyber attack, impacting organisations across Europe at a scale I've never seen before," said security architect Kevin Beaumont.
So why is this ransomware so successful?
Funny you should mention that. Remember the recent Wikileaks release of NSA exploit tools?
Yeh, that one.
Several experts monitoring the situation have linked the infections to vulnerabilities released by a group known as The Shadow Brokers, which recently claimed to have dumped hacking tools stolen from the NSA.
A patch for the vulnerability was released by Microsoft in March, but many systems may not have had the update installed.
Some security researchers have pointed out that the infections seem to be deployed via a worm - a program that spreads by itself between computers.
FYI, worms don't require you to click on a web site and open an email.
At least 100 firms in Spain are under attack.
If you are using Windows, you need to make certain that you run Windows Update today!
Don't delay!
NHS hack: So NSA had secret backdoor into Windows. Details leaked few weeks ago. Now backdoor being exploited by random criminals. Nightmare
— Sam Coates Times (@SamCoatesTimes) May 12, 2017
Comments
Cybercrime has gone mainstream
It's banal
And it's everywhere
Bitcoin OTOH is loving it
In an ironic twist
GCHQ posted this just today.
GCHQ is the British NSA.
Bitcoin can eat a bag of dicks.
Modern education is little more than toeing the line for the capitalist pigs.
Guerrilla Liberalism won't liberate the US or the world from the iron fist of capital.
Out of curiosity, what's your beef against bitcoin?
I see it as a pretty effective attack against global capital.
A lot of wanderers in the U.S. political desert recognize that all the duopoly has to offer is a choice of mirages. Come, let us trudge towards empty expanse of sand #1, littered with the bleached bones of Deaniacs and Hope and Changers.
-- lotlizard
@SnappleBC My problem w/it is it
My problem w/it is it creates another aristocracy of digitally-skilled folks. Not a bad experiment, I guess, but we need one a whole lot better.
"More for Gore or the son of a drug lord--None of the above, fuck it, cut the cord."
--Zack de la Rocha
"I tell you I'll have nothing to do with the place...The roof of that hall is made of bones."
-- Fiver
@The Aspie Corner So can GCHQ.
So can GCHQ.
"Keeping Britain safe," FFS.
"More for Gore or the son of a drug lord--None of the above, fuck it, cut the cord."
--Zack de la Rocha
"I tell you I'll have nothing to do with the place...The roof of that hall is made of bones."
-- Fiver
Windows
Lol.
" In the beginning, the universe was created. This has made a lot of people very angry, and is generally considered to have been a bad move. -- Douglas Adams, The Hitch Hiker's Guide to the Galaxy "
“Brand-name” PCs that run Windows — LOL again.
HP laptops covertly log every keystroke, researchers warn
And of course the cynic in me...
Is convinced that Microsoft is kicking itself for not doing this earlier.
And who's to say... they aren't.
I mean, supposedly NOBODY knows who is doing this, and it's worth billions...
Yes, I do have that low of an opinion of major companies. Especially since their "Updates" have a nasty habit of installing their spyware anyway, and it's a very short step.
I do not pretend I know what I do not know.
And everyone thought they were getting Windows 10 for free
/S ????
Why Ds think they're under attack from Russia
My address is being heavily phished right now, scads of junk from spammers and such. Then, among all that comes a notice what looks like a real credit card security warning, in html of course so I can't see the hidden web bug embedded in the message. From an address that ends in .ru, I used dig and whois to trace, it is owned by this corporation:
Note it is a Cable/DSL connection, and the mailer? Of course it is:
Garbage in, garbage out. Anyone ever do Exchange support? Remember when Outlook used to silently copy a personal.pst to whatever location a user happened to log in from? In the background, no matter how big or protected it was? That is why Huma's mail on Weiner's PC didn't surprise me at all, despite the printing excuse. I wonder if MS ever changed that stupid default. It seems to me that Podesta was fooled by some script kiddie on the Internets, state-sponsored or not. Windows should not be deployed anywhere anymore, until Microsoft cleans up their shitty security by obscurity crap. That would MAGA.
Almost every single piece of garbage that comes over the wire now is from a Windows machine, and Bill Gates is the richest asshole on the planet. Free market for the win.
Thanks
Their products haven't gotten any better...
in almost 10 years.
The newest version of Windows I will use is Windows 7, and that's with IE turned off, most of the "Helpful" features disabled, and Steam about the only resident program on there.
I do not pretend I know what I do not know.
Ten years? Keep going.
well I was feeling old today anyway, what the hell I was a Microsoft Certified Professional in 2000, rode that Y2k bubble like a bucking bronc I did. My status has since expired, along with the dotcoms. I still think NT was the apex of Microsoft Operating Systems but not 4.0, never buy any v4.0 from MS is what we learned over time. Quality.
Is why "the cloud" has no versions.
Still going strong. LOL http://www.workjoke.com/programmers-jokes.html
Peace
Who's the real danger?
This came out just yesterday.
But worry about Russia.
LMAO!!!!
Yaldabaoth, Saklas I'm calling you. Samael. You're not alone. I said, you're not alone, in your darkness. You're not alone, baby. You're not alone. "Original Sinsuality" Tori Amos
Russian hackers are using the CIA's "Marble"
to play a forensic attribution double game. Most of the apparent hacking from the US is actually coming from the basement of the Kremlin.
@CB Uh...really? Or
Uh...really? Or snark?
It's gotten hard to tell anymore. We live in weird times.
"More for Gore or the son of a drug lord--None of the above, fuck it, cut the cord."
--Zack de la Rocha
"I tell you I'll have nothing to do with the place...The roof of that hall is made of bones."
-- Fiver
Really? Really
yeah why not CIA using Marble to spoof attacks, digital Gulf of Tonkin if you know what I mean. Whoa, I just searched for a reference and ended up on the source code page of Wikileaks SECRET in red all over the place. Not what I was looking for, but wow. look away
Here is what I was trying to find, a brief 'splainin', it is also from Wikileaks, but not a page splattered SECRET: https://wikileaks.org/vault7/
I noted March 31st is the date on Wikileaks Vault7 page, MS had already released their patches on the 14th, two weeks earlier.
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
Thanks
@eyo Oh yeah, I know
Oh yeah, I know about that. Didn't surprise me any. But I am surprised at the assertion that all the apparently US-based hacking is coming from the basement of the Kremlin, and I couldn't actually tell if that was snark or not, because, well, weird times.
"More for Gore or the son of a drug lord--None of the above, fuck it, cut the cord."
--Zack de la Rocha
"I tell you I'll have nothing to do with the place...The roof of that hall is made of bones."
-- Fiver
@eyo I'm going to
I'm going to assume it was snark.
"More for Gore or the son of a drug lord--None of the above, fuck it, cut the cord."
--Zack de la Rocha
"I tell you I'll have nothing to do with the place...The roof of that hall is made of bones."
-- Fiver
"consider it snark" me too. And weird times?
thanks, weird times indeed. I can hardly function at all anymore with the collapsing web of trust, in need of repair here.
Within my proximity things seem to be changing rapidly not for the better, yet the news media prattles on as if everything is fine, like:
Chamber of Commerce: Come to Cloverdale and wine taste!
Next week: Cloverdale Welcome Sign destroyed by drunk driver!
Duh, and the cannabis rules, oh boy can't wait to read the entertaining police and fire logs. Dog, cat, pasta help us, may all stay out of jail and nobody get shot, that's all I can say right now.
Clovertucky out
Hehhehehe... here's the key to discover the truth
Of course the 'Special Key' must be applied by someone having a modicum of intelligence and background knowledge.
@CB It can only be
It can only be applied by someone who's capable of using their reason.
"More for Gore or the son of a drug lord--None of the above, fuck it, cut the cord."
--Zack de la Rocha
"I tell you I'll have nothing to do with the place...The roof of that hall is made of bones."
-- Fiver
@CB
Lol, and I'll bet that Kremlin basement is just loaded with Bernie Bros throwing chairs for exersize whenever not hacking manipulative liars and cheats.
Psychopathy is not a political position, whether labeled 'conservatism', 'centrism' or 'left'.
A tin labeled 'coffee' may be a can of worms or pathology identified by a lack of empathy/willingness to harm others to achieve personal desires.
GIGO
Yeppers. Been there, done that.
Sounds reasonable to me.
Ever.
I realize I'm probably guilty of some gloating here. But I just can't get over the fact that Linux and BSD, two operating systems one can easily acquire for free, start out with far better inherent security than Windows accomplishes with constant patching; and when patches are needed, they're still easily available too.
Which Microsoft will never do. They're married to that "shitty security by obscurity crap". And, as we can plainly see, it doesn't work as well as the open source "security by no place to hide" methods do.
Linux and BSD, my friends. They're the way to go.......
edited to correct blockquote
"US govt/military = bad. Russian govt/military = bad. Any politician wanting power = bad. Anyone wielding power = bad." --Shahryar
"All power corrupts absolutely!" -- thanatokephaloides
Windows isn't going away anytime soon
Not because of it's quality/security/etc., but because of its successful business model.
You can always find tech support and people familiar with it, and you can always find an well-known application to do what you need to do.
And a sensible, measurable financial plan to do it all.
None of that, of course, applies to the home user.
business model
All of which is now true of Linux as well (adoption of this model is where Ubuntu came from). And if Microsoft doesn't find a better way to get and keep its OS secure from trash like the stuff gjohnsit described in today's Essay, the world will continue migrating to the POSIX systems.
On the other hand, with Linux (especially) and BSD, all of it applies to the home user. Support information is available on the Web, easily accessed and for free. Applications to do almost any imaginable task are available -- again, for free. And the OS is inherently more secure from the kind of invasions our Essayist describes, simply because the security model used by open source operating systems (no where to hide) works better than "security by obscurity" does.
Microsoft is facing some problems with this issue. The question is and remains: What will they do about it?
"US govt/military = bad. Russian govt/military = bad. Any politician wanting power = bad. Anyone wielding power = bad." --Shahryar
"All power corrupts absolutely!" -- thanatokephaloides
Hello there from the world of Ubuntu 16.04 LTS.
I can't recall how long ago I last ran windows, and then only because I had to be compatible with my employer, and Win xx.yyy broke the compatibility with the far superior WARP os from big blue ugly.
That, in its essence, is fascism--ownership of government by an individual, by a group, or by any other controlling private power. -- Franklin D. Roosevelt --
I'm running UbuntuStudio.
I'm running UbuntuStudio 16.10/17.04. Basically, a Yakkety userworld on a Zesty Zapus kernel. That's because my laptop has an Intel Atom Bay Trail "system on a chip" heart, so I run a Linuxium kernel. As Ian "Linuxium" Morrison points out, pretty soon his Atom support will be merged into standard kernel, so I won't need to do that any more.
And again, free and secure -- straight out of the box.
"US govt/military = bad. Russian govt/military = bad. Any politician wanting power = bad. Anyone wielding power = bad." --Shahryar
"All power corrupts absolutely!" -- thanatokephaloides
"And again, free and secure" Except for the firmware parts
let's not get too carried away about software freedom on Linux and BSD, until vendors release all the code, or at least the documentation.
Microsoft is now a Platinum Member of the Linux Foundation. That kind of embrace is what I'm used to, waiting for the "extend" next, it is happening every day in fact, and then the "extinguish" part starts kicking.
BSD is not GPL licensed, be careful what freedoms you ask for, that's all I have to say.
Thanks
software blues
I don't think I'm using any closed-source code on this laptop, with the exception of the Flash Shockwave player. And my need for that, thank Cat, is going away courtesy of HTML5. Everything else I do, I can do with applications I can compile entirely from freely available source code if I'm so inclined. Same goes for the OS itself.
I do realize that certain individuals' mileage may vary, however.
EDIT: Re-reading the subject/title of the message I'm replying to: Firmware is a PITA with any operating system. Hardware vendors tend to keep that stuff close to the vest. It's a major reason that hardware that ran Windows Vista fine can't run Windows 10 at all (for just one example).
I'd settle for the base firmware itself, and guidance for its use in drivers, being available publically and for free. And I face that particular problem on one thing I own which starts out running Linux -- my ZTE Maven Android smartphone. So I do know of what you speak!
"US govt/military = bad. Russian govt/military = bad. Any politician wanting power = bad. Anyone wielding power = bad." --Shahryar
"All power corrupts absolutely!" -- thanatokephaloides
No wireless chipset? Network card? Video?
Atheros is the only free networking code in Linux, as far as I know, the others have all been reverse engineered, or rewritten from scratch with whatever sparsely documented specifications the vendor makes available. Linux downloads a proprietary firmware helper "blob", a non-free binary, to work with non-free hardware companies (nearly all). What about the video card? Remember this?
LOL, they were more responsive after that, but still closed, non-free forever. Google with Android is the biggest free leech I have ever seen, maybe Facebook ties them for take take taking so much code, making billions, and paying only a few programmers compared to the lobbyists and politicians now on their payroll.
Wireless firmware will never be free I think, because Jo Blosephine will then turn up their radio power full blast, why not? I've done it with a directional antenna and OpenWRT on a Linux router before, it was easy, and necessary for that location.
The problem is with politicians who are too uneducated to realize if all the code was free, or at least in escrow for professional public review, then shit would get fixed so fast by the interested and clueful public, they wouldn't believe it. Plus, they wouldn't be in control anymore, can't have that now can we?
Peace
firmware (some more)
My wireless card is, indeed, an Atheros. And with the Intel Atom series of processors (I have a Bay Trail series Atom) most of the rest of the functions you mention are handled by the processor complex IC. Although it's been like pulling teeth, Intel's been getting better at providing code, drivers and materials to support the Atoms on Linux. I believe I've mentioned Ian "Linuxium" Morrison above as one of the private coders working on support for these systems.
And I've sweated those fucking Nvidia video cards in my day, so I know of what you speak there. As I said, firmware is a pain in the ass no matter what OS you run. And it's a pain in the ass for the exact reason you specified:
Add to that just basic, good old fashioned greed (why let someone keep using their old $100 video card when we can sell them a $1000 video card instead?). Again, that's Nvidia to a "T" regardless of what OS we're talking about here.
And Peace be with and upon you as well!
"US govt/military = bad. Russian govt/military = bad. Any politician wanting power = bad. Anyone wielding power = bad." --Shahryar
"All power corrupts absolutely!" -- thanatokephaloides
change your operating system today
.... change your operating system to Linux or BSD today!
"US govt/military = bad. Russian govt/military = bad. Any politician wanting power = bad. Anyone wielding power = bad." --Shahryar
"All power corrupts absolutely!" -- thanatokephaloides
Sadly easy to say...
and not so easy to do.
Used to be I was a gamer so that nixed any hope of Linux right off the bat. More lately, photoshop is the stumbling block. I have no real problem with linux. I've installed it dozens of times for USB troubleshooting and for a while I even ran a laptop with a dead HD connector using pendrive linux.
I've thought about running VM's under linux but yeah... lot of hassle and problems for an attempt to stop an enemy that cannot really be fought this way.
A lot of wanderers in the U.S. political desert recognize that all the duopoly has to offer is a choice of mirages. Come, let us trudge towards empty expanse of sand #1, littered with the bleached bones of Deaniacs and Hope and Changers.
-- lotlizard
Photoshop and Linux
Since I've never had the bucks for Photoshop and the need for it at the same time, I've never become dependent on it. The free and open-source GIMP meets all my needs quite well. However, as I remarked to eyo, others' mileage may vary.
If you have a reasonably powered Linux machine about, I do recommend you give GIMP a try. I daresay you may well find yourself pleasantly surprised.
"US govt/military = bad. Russian govt/military = bad. Any politician wanting power = bad. Anyone wielding power = bad." --Shahryar
"All power corrupts absolutely!" -- thanatokephaloides
Sadly, GIMP doesn't do the job
I need some of the professional level features like serious color management. I also exchange a lot of other work with graphics professionals so compatibility is key. I've used Gimp before (although they've made some nice improvements recently I've only glanced at). But for me, I'm afraid that photoshop is required.
What I do to keep down costs is buy old versions and keep them for a few years.
A lot of wanderers in the U.S. political desert recognize that all the duopoly has to offer is a choice of mirages. Come, let us trudge towards empty expanse of sand #1, littered with the bleached bones of Deaniacs and Hope and Changers.
-- lotlizard
They should put together a WW2-style poster and PSA campaign.
Along the lines of “Loose lips sink ships” and “Is/Was this trip really necessary?”.
@thanatokephaloides You sound like the Car
You sound like the Car Talk guys: "A Subaru? Well, there's your problem!"
"More for Gore or the son of a drug lord--None of the above, fuck it, cut the cord."
--Zack de la Rocha
"I tell you I'll have nothing to do with the place...The roof of that hall is made of bones."
-- Fiver
Yawn! Shut the back door.
A small firm hired my brother to optimize their computers. He stripped out the bloatware and backdoor access code and installed his own custom patches. The techs in Redmond detected the illegal activity.
Microsoft's lawyers sent a junior partner to intimidate my brother (big mistake) and the "Owners" of the Microsoft software. This poor fellow got a lesson that day. The lawyer was handed a stack of Microsoft Media held together by a spike driven through and through and a notice informing Microsoft that their backdoor services were no longer required.
Do you get timed automatic updates? Are you required to leave your computer online while you are not around? Do "authorized" personnel access your computer sans your knowledge?
From an Ars article
https://arstechnica.com/security/2017/05/an-nsa-derived-ransomware-worm-...
Compensated Spokes Model for Big Poor.
It's now attacked 99 countries
this could get very bad
Wannacry Killswitch found accidentally
First round is going quiet for a minute.
https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack
So simple! lol See how MS has embraced and extended the Internet protocols? lol Search Halloween Papers if you want to feel as old as me right now. oof
Peace
Crash override.
The deep state and the Elysium corps will start titrating the lives of these hackers now that the war is joined. Run Johnny Mnemonic.