Author Topic: Hackers hold a city hostage!  (Read 2827 times)

0 Members and 1 Guest are viewing this topic.

Offline windsmurf

  • Frequent Contributor
  • **
  • !
  • Posts: 626
  • Country: us
 

Offline EEVblog

  • Administrator
  • *****
  • Posts: 31346
  • Country: au
    • EEVblog
Re: Hackers hold a city hostage!
« Reply #1 on: May 27, 2019, 10:17:16 am »
Hacks like that will only grow in popularity.
And it seems they aren't being greedy and setting the level at something that they know they might pay just to make the hassle go away.
 

Offline Berni

  • Super Contributor
  • ***
  • Posts: 2801
  • Country: si
Re: Hackers hold a city hostage!
« Reply #2 on: May 27, 2019, 10:28:34 am »
Yeah the reasonable sum of money makes it easier for them to pay up, get this mess over with and get back to business. So the hack was probably done with profit as the goal.

Tho i wonder if these bitcoins are any more difficult to spend since places accepting payment could see they came from this transaction if the city makes the transaction id public. That is  ignoring the part about the police likely watching the flow of it to try and find the person behind this.
 

Offline EEVblog

  • Administrator
  • *****
  • Posts: 31346
  • Country: au
    • EEVblog
Re: Hackers hold a city hostage!
« Reply #3 on: May 27, 2019, 11:11:13 am »
Tho i wonder if these bitcoins are any more difficult to spend since places accepting payment could see they came from this transaction if the city makes the transaction id public. That is  ignoring the part about the police likely watching the flow of it to try and find the person behind this.

They must have a way to launder the bitcoins.
 

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 11191
  • Country: us
  • DavidH
Re: Hackers hold a city hostage!
« Reply #4 on: May 27, 2019, 05:04:01 pm »
Hacks like that will only grow in popularity.
And it seems they aren't being greedy and setting the level at something that they know they might pay just to make the hassle go away.

Doubly so when the security firms which provide ransomware solutions do so by just paying the hackers:

https://features.propublica.org/ransomware/ransomware-attack-data-recovery-firms-paying-hackers/

They must have a way to launder the bitcoins.

That is not difficult to do.  The people who get caught did not bother.
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 5243
  • Country: de
  • A qualified hobbyist ;)
Re: Hackers hold a city hostage!
« Reply #5 on: May 28, 2019, 09:54:31 am »
In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc: https://www.nytimes.com/2019/05/25/us/nsa-hacking-tool-baltimore.html

Doesn't Baltimore install patches? Nearly two years ago Microsoft published the patch for EternalBlue, even for out-of-support XP.
 

Offline orion242

  • Supporter
  • ****
  • Posts: 745
  • Country: us
Re: Hackers hold a city hostage!
« Reply #6 on: May 28, 2019, 05:32:22 pm »
Doesn't Baltimore install patches?

Patches were as current as their backups apparently.

Epic fail.  Hopefully a few people lose their jobs
 

Offline rrinker

  • Super Contributor
  • ***
  • Posts: 2030
  • Country: us
Re: Hackers hold a city hostage!
« Reply #7 on: May 28, 2019, 06:50:23 pm »
 Unfortunately the only people likely to lose their jobs over this are some low level people, not the people actually responsible for making the decision not to patch - or just being so ignorant as to not think about patching at all. Which, being a government job, is all too likely a scenario.
 

Offline Berni

  • Super Contributor
  • ***
  • Posts: 2801
  • Country: si
Re: Hackers hold a city hostage!
« Reply #8 on: May 28, 2019, 07:50:52 pm »
Unfortunately the only people likely to lose their jobs over this are some low level people, not the people actually responsible for making the decision not to patch - or just being so ignorant as to not think about patching at all. Which, being a government job, is all too likely a scenario.

Or not knowing why it should be patched at all, even tho it works just fine right now. The people that make the decisions probably have no clue about technology.

This is the sort of people that push for a law to force companies running messaging apps with end to end encryption to hand over the users chat logs. Then being explained that that's impossible according to mathematics and then responding with "Well they should hand over the logs anyway". If they could do that, whats the point of having encryption in the first place?
 

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 11191
  • Country: us
  • DavidH
Re: Hackers hold a city hostage!
« Reply #9 on: May 28, 2019, 08:50:17 pm »
Doesn't Baltimore install patches? Nearly two years ago Microsoft published the patch for EternalBlue, even for out-of-support XP.

While it may not apply in this case, Microsoft has gained an appalling tendency to include feature updates with their patches which break things leading to a justified distrust in patching any system unless absolutely required.
 

Offline SparkyFX

  • Frequent Contributor
  • **
  • Posts: 629
  • Country: de
Re: Hackers hold a city hostage!
« Reply #10 on: May 28, 2019, 10:19:41 pm »
If it is important, it needs backups.
Support your local planet.
 

Offline orion242

  • Supporter
  • ****
  • Posts: 745
  • Country: us
Re: Hackers hold a city hostage!
« Reply #11 on: May 29, 2019, 12:32:26 am »
Think of their IT department and mix in electronic voting.  Insert train wreck here...
 

Offline windsmurf

  • Frequent Contributor
  • **
  • !
  • Posts: 626
  • Country: us
Re: Hackers hold a city hostage!
« Reply #12 on: May 29, 2019, 01:17:49 am »
Think of their IT department and mix in electronic voting.  Insert train wreck here...

I hear Putin laughing.   >:D
 

Offline bdunham7

  • Frequent Contributor
  • **
  • Posts: 581
  • Country: us
Re: Hackers hold a city hostage!
« Reply #13 on: May 29, 2019, 04:58:55 am »
Doesn't Baltimore install patches? Nearly two years ago Microsoft published the patch for EternalBlue, even for out-of-support XP.

While it may not apply in this case, Microsoft has gained an appalling tendency to include feature updates with their patches which break things leading to a justified distrust in patching any system unless absolutely required.

I thought Apple had a clear lead in breaking stuff with updates.   >:D
 
The following users thanked this post: Electro Detective

Offline Berni

  • Super Contributor
  • ***
  • Posts: 2801
  • Country: si
Re: Hackers hold a city hostage!
« Reply #14 on: May 29, 2019, 05:05:24 am »
I thought Apple had a clear lead in breaking stuff with updates.   >:D

In that case you have probably not used Windows 10 yet.
 
The following users thanked this post: Electro Detective

Offline rrinker

  • Super Contributor
  • ***
  • Posts: 2030
  • Country: us
Re: Hackers hold a city hostage!
« Reply #15 on: May 30, 2019, 01:34:40 pm »
 I have had no issues with Win10 updates thus far.

There have been well known attacks in the past that ALSO exploited holes that were long patched - the old IIS "Hacked by Chinese" and one of the SQL ones, both of which I logged hitting my systems at home many years ago, but not actually doing anything because I had long prior applied the patches.

But, you can't fix stupid - only guard against it. Fear of patches is no excuse for not having good backups. We had a client who used shared logins for a large subset of users - account names and passwords were commonly stuck on the monitor with a post it, too - even though this was always the same user name and the password never expired. People STILL couldn't remember this - something they used literally every day at their job. In at least one case, the password was "Password". It didn't take hackers long to infiltrate when they already had a standard account to sit in and attempt other attacks. This all ended with a massive cryptolocker attack that wiped most of their systems. Despite these serious lapses in common sense security, they DID have good backups, secured and off site. So they basically told the hackers to stuff it with their ransom demands and they rebuilt the network from the ground up, using proper security techniques this time, and restored the data. A massive project, to be sure, but at least they learned their lesson, if only the hard way.

 

Offline madires

  • Super Contributor
  • ***
  • Posts: 5243
  • Country: de
  • A qualified hobbyist ;)
Re: Hackers hold a city hostage!
« Reply #16 on: May 30, 2019, 02:56:20 pm »
If users can't remember their login credentials they shouldn't use computers. >:D Maybe we need a "computer driving license", since it's easy to create disasters with any PC. All it takes is a highly skilled moron.
 

Offline David Hess

  • Super Contributor
  • ***
  • Posts: 11191
  • Country: us
  • DavidH
Re: Hackers hold a city hostage!
« Reply #17 on: May 30, 2019, 03:41:59 pm »
I have had no issues with Win10 updates thus far.

I have.

1.  I start a computation which will take days and then Windows 10 helpfully reboots to apply updates wasting days of work and time.  So I restart the computation and Windows 10 does it again, and again.  This has been a repeating problem.

2.  The Windows 10 update helpfully resets the configuration of installed programs or removes them entirely.

3.  Or the update simply breaks stuff ... like being able to boot.
 

Offline Berni

  • Super Contributor
  • ***
  • Posts: 2801
  • Country: si
Re: Hackers hold a city hostage!
« Reply #18 on: May 30, 2019, 04:38:03 pm »
I have had no issues with Win10 updates thus far.

I have been using Win 10 for about 3 years at work because they ran out of Win 7 licenses and a lot of the problems i had with it had to do with updates. Here are some of them:

To get me some Win7 functionality back i installed a tweaker utility that changes a bit how the task bar works. That got broke by one update and needed reinstalling

To get more Win 7 functionality back i installed Gadgets from Win 7, a different update broke that at some point and after some fiddling about it started working again.

At some point a update made my Win 10 machine wake up from sleep due to just moving the mouse by a fraction of a milimiter. I fixed that later on trough the command prompt to disable sleep wakeup for all devices exept keyboard. Now about 2 years later my keyboard doesn't wake it up anymore all of a sudden, only the power button can wake it from sleep now. I still have to go and fix that.

I had a case where i had unsaved data when i left for the day and came back the next day to a empty desktop. It decided to do an update at night while in sleep mode without asking. Any programs that show a "Do you want to save?" dialog seamed to have gotten terminated when they refused to close so that the update could begin. This is functionally the same as getting a random BSOD that forces you to reboot. To disable updates i had to dig trough the registry and system services in order to kill it in a way that windows doesn't secretly re-enable them behind my back.

Once i came to my PC and had a completely different color theme set. When i went to select my old one i found out that its already set to it and selecting it again did nothing. Turns out i had to select a diferent theme, close the settings window, open it again and then select my old theme to get it back.

At some point i came to my PC finding the default web browser changed to Edge

At another point i noticed that Altium designer started showing multiple windows as two separate applications in the taskbar, this behavior seams to have disappeared by now.
Etc...
 

Offline eugenenine

  • Frequent Contributor
  • **
  • Posts: 822
  • Country: us
Re: Hackers hold a city hostage!
« Reply #19 on: May 31, 2019, 12:45:02 am »
This feature forced in server 2003 sp2
https://blogs.technet.microsoft.com/onthewire/2014/01/21/tcp-offloadingchimney-rsswhat-is-it-and-should-i-disable-it/

And of course any non-production server where sp2 was tested didn't have the problem because they didn't have a high load for long enough for it to show the issue.
 

Offline timelessbeing

  • Frequent Contributor
  • **
  • Posts: 804
  • Country: 00
Re: Hackers hold a city hostage!
« Reply #20 on: May 31, 2019, 03:34:59 am »
I was hit by ransomware a few years ago. It was a computer I didn't care about, but I did some research into the matter.

Never pay the hackers. Sometimes they just take the money and run (without decrypting your files). They keep their word just enough to keep people paying up. Sometimes they are unable to decrypt your files due to bugs so you get screwed anyway. There are benevolent groups who are sometimes able to reverse engineer the hacks, and make fixes. The hackers hang out in and listen to forums where people go for help.

Backup, backup, backup ...
 

Offline Berni

  • Super Contributor
  • ***
  • Posts: 2801
  • Country: si
Re: Hackers hold a city hostage!
« Reply #21 on: May 31, 2019, 05:27:56 am »
I was hit by ransomware a few years ago. It was a computer I didn't care about, but I did some research into the matter.

Never pay the hackers. Sometimes they just take the money and run (without decrypting your files). They keep their word just enough to keep people paying up. Sometimes they are unable to decrypt your files due to bugs so you get screwed anyway. There are benevolent groups who are sometimes able to reverse engineer the hacks, and make fixes. The hackers hang out in and listen to forums where people go for help.

Backup, backup, backup ...

I never had such an attack so far but i am certainly fearful of them since it could potentially cause massive damage if it can spread trough the LAN.

I backup things to a NAS server. Its a Linux machine so much less likely to get infected itself, but its shearing everything trough Samba SMB since everything else are Windows machines. The data there is more valuable than the on machines themselves. It would be useful to have some sort of protection mechanism that could detect malicious activity and kill the server. Something like deleting or modifying too many files in a given time window. The limit would have to be set reasonably high to avoid false positives so it would still be able to eat some data, but loosing a GB is better than losing a few TB.
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 5243
  • Country: de
  • A qualified hobbyist ;)
Re: Hackers hold a city hostage!
« Reply #22 on: May 31, 2019, 10:32:18 am »
If your PC is infected with some crypto ransomware the files on the NAS will be encrypted too. Better keep backups offline, e.g. USB disks. Also keep multiple backups of different age on different disks/tapes. If you don't detect the malware immediately it may be in the last backup, but the older backup on another disk could be ok.
 

Offline Berni

  • Super Contributor
  • ***
  • Posts: 2801
  • Country: si
Re: Hackers hold a city hostage!
« Reply #23 on: May 31, 2019, 10:53:03 am »
For that reason the weekly backups from PCs are kept for the last few months, they are incremental backups so they stay stay a small size. Also allows for garbing any file from any week in case a single important file is lost due to just user error.

Keeping full copies with history of the entire NAS raid array is not as easy.
 

Offline ptricks

  • Frequent Contributor
  • **
  • Posts: 670
  • Country: us
Re: Hackers hold a city hostage!
« Reply #24 on: May 31, 2019, 11:06:54 am »
Part of the problem is how lacking some organizations are in very simple protections.
One local business allowed employees to carry work home on usb drives for use on their personal pc :palm:

The best system I think is the kind that implements two networks that are not connected in any way.
1 network has the systems that are critical with no access by anyone to ports of any kind.
2nd network connects to the internet and does email and such and runs on different hardware entirely.

Companies short circuit the process by thinking newer hardware, virtual machines, networking can keep it all safe and put it on the same systems.
I have an old laptop that runs windows xp, no infections, no update issues, and it works reliably, it hasn't been connected to a network though in years.

 

Offline ptricks

  • Frequent Contributor
  • **
  • Posts: 670
  • Country: us
Re: Hackers hold a city hostage!
« Reply #25 on: May 31, 2019, 11:14:05 am »
If users can't remember their login credentials they shouldn't use computers. >:D Maybe we need a "computer driving license", since it's easy to create disasters with any PC. All it takes is a highly skilled moron.

Some places force you to reset your password every x many days, and you cannot re-use the old ones. The USA DOD requires a new one every 60 days, drives me nuts every time I see their email about password about to expire.  People either resort to password managers or start writing them down on sticky notes attached to the desk.
 

Offline Electro Detective

  • Super Contributor
  • ***
  • Posts: 2713
  • Country: au
Re: Hackers hold a city hostage!
« Reply #26 on: May 31, 2019, 11:20:18 am »
Most ransomware starts with insiders in on the scam

What's needed to slow it down is viral Youtubes showing public tar and feather and gorilla bonk :scared: of caught ransomware creeps

They'll think twice about using abusive code again and hitting on struggling PC owners for money  :popcorn:

 

Offline Berni

  • Super Contributor
  • ***
  • Posts: 2801
  • Country: si
Re: Hackers hold a city hostage!
« Reply #27 on: May 31, 2019, 11:24:11 am »
Regular forced password changes never really improve security. It just results in people not being able to remember passwords so they write them down in some way. Similar deal is putting silly requirements on password complexity like: Must be between X and X characters long, must contain X number of upper case, X number of lower case, X number of digits, X number of symbols (But not telling what ones) all digits can't be adjacent... etc

Another thing that will happen is that people will just put a number on the end of the password and increment it by one on every change.
 

Offline orion242

  • Supporter
  • ****
  • Posts: 745
  • Country: us
Re: Hackers hold a city hostage!
« Reply #28 on: May 31, 2019, 12:25:29 pm »
Some places force you to reset your password every x many days, and you cannot re-use the old ones. The USA DOD requires a new one every 60 days, drives me nuts every time I see their email about password about to expire.  People either resort to password managers or start writing them down on sticky notes attached to the desk.

Hopefully this nonsense will go away.  NIST recently changed their PW recommendations and no longer suggests this.
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 5243
  • Country: de
  • A qualified hobbyist ;)
Re: Hackers hold a city hostage!
« Reply #29 on: May 31, 2019, 12:35:54 pm »
Some places force you to reset your password every x many days, and you cannot re-use the old ones. The USA DOD requires a new one every 60 days, drives me nuts every time I see their email about password about to expire.  People either resort to password managers or start writing them down on sticky notes attached to the desk.

NIST recommends to remove periodic password change requirements: https://www.alvaka.net/new-password-guidelines-us-federal-government-via-nist/
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 14918
  • Country: gb
Re: Hackers hold a city hostage!
« Reply #30 on: May 31, 2019, 12:48:27 pm »
Yeah it's pointless. Keep same password + add 2FA = sorted. https://duo.com/
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 5243
  • Country: de
  • A qualified hobbyist ;)
Re: Hackers hold a city hostage!
« Reply #31 on: May 31, 2019, 02:56:46 pm »
But please don't use mobile/smart phones for 2FA. Too many reports of SIM swap attacks and scams.
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 14918
  • Country: gb
Re: Hackers hold a city hostage!
« Reply #32 on: May 31, 2019, 03:25:56 pm »
Bit more compliated than that. Do use smartphones. Don't use SMS. Do use properly MDM controlled phones. Do use iOS. Don't use Android.
 
The following users thanked this post: apis

Offline Electro Detective

  • Super Contributor
  • ***
  • Posts: 2713
  • Country: au
Re: Hackers hold a city hostage!
« Reply #33 on: June 01, 2019, 10:06:51 pm »

Don't use passwords, toss the tech, upgrade your life to poor nomad living off the land = 99.9% Security   :popcorn:

Lets see hackers hack that  ;D

 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1667
  • Country: se
  • Hobbyist
Re: Hackers hold a city hostage!
« Reply #34 on: June 10, 2019, 03:13:36 pm »
Yeah it's pointless. Keep same password + add 2FA = sorted. https://duo.com/
Does duo have some advantage over other free H/TOTP apps, like google authentication?
 

Offline bd139

  • Super Contributor
  • ***
  • Posts: 14918
  • Country: gb
Re: Hackers hold a city hostage!
« Reply #35 on: June 10, 2019, 03:48:19 pm »
Yeah it does SSO as well.
 

Offline orion242

  • Supporter
  • ****
  • Posts: 745
  • Country: us
Re: Hackers hold a city hostage!
« Reply #36 on: June 21, 2019, 01:07:25 am »
another city popped with bull & shit for backups.

https://www.pcmag.com/news/369122/florida-city-to-pay-600-000-to-hackers-after-ransomware-att

These public officials need to be drawn out to the city circle and stoned for spending $600K of tax payer money to thieves over solid IT practices.
« Last Edit: June 21, 2019, 01:10:30 am by orion242 »
 

Offline james_s

  • Super Contributor
  • ***
  • Posts: 11984
  • Country: us
Re: Hackers hold a city hostage!
« Reply #37 on: June 21, 2019, 01:22:22 am »
It should be a criminal offense to pay the ransom. Doing so encourages the practice.
 

Offline orion242

  • Supporter
  • ****
  • Posts: 745
  • Country: us
Re: Hackers hold a city hostage!
« Reply #38 on: June 21, 2019, 01:34:05 am »
Agree for the most part.  There are cases that this is simply the lesser of two evils.  One would hope if your in a critical environment (far more than local gov), this is of little threat.  Sadly, that doesn't seem to be always the case.

I'm on CERT and other ICS mailing lists.  The warning of ransomware attacks on specific markets has been going out for a long time now.  Any governmental body has had warnings for couple years now.  Even if they ignore those, the press has been full of examples.  Its criminal negligence at this point in my mind.

On the bright side, I would hope that this changes the general decline in IT budgets I see.  Its a often discarded budget, yet more and more critically important area these days.  Least IMO.

« Last Edit: June 21, 2019, 01:53:46 am by orion242 »
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 4752
  • Country: nl
Re: Hackers hold a city hostage!
« Reply #39 on: June 21, 2019, 03:59:44 am »
Cryptocurrency has been such a boon to the world ...

I don't see how increased IT budgets will help much as long as IT doesn't start embracing proper compartmentalization. IT security went down a wrong path early in its history and never recovered. Apart from a few security agencies and financial institutions, everyone is doing it wrong.
« Last Edit: June 21, 2019, 04:02:15 am by Marco »
 

Offline james_s

  • Super Contributor
  • ***
  • Posts: 11984
  • Country: us
Re: Hackers hold a city hostage!
« Reply #40 on: June 21, 2019, 06:49:49 am »
No, it's never the lesser of two evils. Paying the ransom, negotiating with terrorists, it's legitimizing their tactics and encouraging it and anyone who does so should face punishment. I don't care what the alternative is, by the time someone like that has you over a barrel it's too late.
 

Offline Berni

  • Super Contributor
  • ***
  • Posts: 2801
  • Country: si
Re: Hackers hold a city hostage!
« Reply #41 on: June 21, 2019, 09:14:07 am »
Well security is not a easy thing to do.

New exploits are constantly found in software, so something that is considered pretty secure today might be vulnerable tomorrow. The IT staff have to constantly be up to date on the latest security trends and upgrade the servers as needed. It's not so easy to isolate a machine on a network. The clients will often want extra functionality and as this happens again and again there is more crap running on servers, and that crap wants to talk to other stuff etc..

But its not all about security, if someone is determined enough they can get in. Its more about having a backup of all critical systems. If a machine is important enough to be worth paying $10 000 or more to unlock it from ransomeware then that machine must have a full backup log somewhere in a safe place. And most importantly a backup need to be tested to work. It happens all too often that backups are in place, but when shit hits the fan and the machine has to be restored from a backup, it then turns out the backup image doesn't work.
 
The following users thanked this post: james_s

Offline madires

  • Super Contributor
  • ***
  • Posts: 5243
  • Country: de
  • A qualified hobbyist ;)
Re: Hackers hold a city hostage!
« Reply #42 on: June 21, 2019, 09:25:08 am »
The damages including paying a ransom might be covered by an insurance policy. Increasing IT budgets is the right starting point, but the money has to be spent reasonably. Buying one expensive big box doesn't magically provide security. The IT infrastructure needs to be migrated from a single large LAN to cooperative islands to limit any impact of malware. Apply appropriate security practices. Backup, backup and backup! Train users on basic security and asking IT support if unsure about anything. Train IT staff on best current security practices. Set up network monitoring to spot problems early and check logs.
 

Offline orion242

  • Supporter
  • ****
  • Posts: 745
  • Country: us
Re: Hackers hold a city hostage!
« Reply #43 on: June 21, 2019, 09:54:46 am »
The damages including paying a ransom might be covered by an insurance policy.

Since you have no idea who your paying, you cannot be sure your not funding terrorists or others under sanctions.  Don't expect insurance to hand out cash blindly, it won't happen.
 

Offline Electro Detective

  • Super Contributor
  • ***
  • Posts: 2713
  • Country: au
Re: Hackers hold a city hostage!
« Reply #44 on: June 21, 2019, 10:14:02 am »
If serial cheapskate corporats don't want to employ and or pay good IT staff decent money to carry their problems 24/7,  |O

then let them pay out more on the Rware instead,  >:D

and pray the accountants can do something about the loss.  :horse:




..Since you have no idea who your paying,

you cannot be sure your not funding terrorists or others under sanctions..


But you can be 99.9% sure of funding disgruntled employee/insiders,  >:( :rant:

shafted ex IT personel and or suss temp fill in geeks,

or a partner with expensive bad habits that wants to financially cripple the business

so one of his mates or rels, or his irate loan shark can buy it for a box of donuts.  >:D

 
« Last Edit: June 21, 2019, 10:28:57 am by Electro Detective »
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 4752
  • Country: nl
Re: Hackers hold a city hostage!
« Reply #45 on: June 21, 2019, 10:53:20 am »
Well security is not a easy thing to do.

New exploits are constantly found in software, so something that is considered pretty secure today might be vulnerable tomorrow.
Except for the completely incompetent ones they know where their attack surfaces are ... yet all they really do about zero days is pray it doesn't hit them and they can patch their software after they becomes non zero day.

Just let everyone browse the web ... including sysadmins with remote access to everything. What's the worst that can happen?
 
The following users thanked this post: Electro Detective

Offline orion242

  • Supporter
  • ****
  • Posts: 745
  • Country: us
Re: Hackers hold a city hostage!
« Reply #46 on: July 07, 2019, 05:02:15 am »
Backups...

Not complicated, not expensive, nothing remotely new.  Even on the minimum budget, there is almost no reason to have a solid backup plan that would eliminate ransomware to anything more than a short term outage.  If gov body isn't willing to spend a minimal amount to cover solid backup strategy, they should be subject to a public hanging.

This ignores the common HD failure or other natural event failure of their main systems that they are apparently ignoring.  There is simply no reason to not have mission critical systems backed up.  IT 101...hello.
« Last Edit: July 07, 2019, 05:07:05 am by orion242 »
 
The following users thanked this post: james_s

Offline orion242

  • Supporter
  • ****
  • Posts: 745
  • Country: us
Re: Hackers hold a city hostage!
« Reply #47 on: July 19, 2019, 05:41:30 pm »
Quickbooks cloud hosting provider popped with ransomware.  Bet that's going to be a record payout if their backups are hosed.

https://krebsonsecurity.com/2019/07/quickbooks-cloud-hosting-firm-insynq-hit-in-ransomware-attack/

How safe is your data with these cloud services exactly?  Small gov bodies are peanuts if these jokers can roll up a cloud provider.
« Last Edit: July 19, 2019, 06:01:56 pm by orion242 »
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf