Author Topic: Hackers hold a city hostage!  (Read 1478 times)

0 Members and 1 Guest are viewing this topic.

Offline ptricks

  • Frequent Contributor
  • **
  • Posts: 664
  • Country: us
Re: Hackers hold a city hostage!
« Reply #25 on: May 31, 2019, 09:14:05 pm »
If users can't remember their login credentials they shouldn't use computers. >:D Maybe we need a "computer driving license", since it's easy to create disasters with any PC. All it takes is a highly skilled moron.

Some places force you to reset your password every x many days, and you cannot re-use the old ones. The USA DOD requires a new one every 60 days, drives me nuts every time I see their email about password about to expire.  People either resort to password managers or start writing them down on sticky notes attached to the desk.
 

Online Electro Detective

  • Super Contributor
  • ***
  • Posts: 1981
  • Country: au
Re: Hackers hold a city hostage!
« Reply #26 on: May 31, 2019, 09:20:18 pm »
Most ransomware starts with insiders in on the scam

What's needed to slow it down is viral Youtubes showing public tar and feather and gorilla bonk :scared: of caught ransomware creeps

They'll think twice about using abusive code again and hitting on struggling PC owners for money  :popcorn:

 

Offline Berni

  • Super Contributor
  • ***
  • Posts: 2236
  • Country: si
Re: Hackers hold a city hostage!
« Reply #27 on: May 31, 2019, 09:24:11 pm »
Regular forced password changes never really improve security. It just results in people not being able to remember passwords so they write them down in some way. Similar deal is putting silly requirements on password complexity like: Must be between X and X characters long, must contain X number of upper case, X number of lower case, X number of digits, X number of symbols (But not telling what ones) all digits can't be adjacent... etc

Another thing that will happen is that people will just put a number on the end of the password and increment it by one on every change.
 

Offline orion242

  • Supporter
  • ****
  • Posts: 626
  • Country: us
Re: Hackers hold a city hostage!
« Reply #28 on: May 31, 2019, 10:25:29 pm »
Some places force you to reset your password every x many days, and you cannot re-use the old ones. The USA DOD requires a new one every 60 days, drives me nuts every time I see their email about password about to expire.  People either resort to password managers or start writing them down on sticky notes attached to the desk.

Hopefully this nonsense will go away.  NIST recently changed their PW recommendations and no longer suggests this.
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 4609
  • Country: de
  • A qualified hobbyist ;)
Re: Hackers hold a city hostage!
« Reply #29 on: May 31, 2019, 10:35:54 pm »
Some places force you to reset your password every x many days, and you cannot re-use the old ones. The USA DOD requires a new one every 60 days, drives me nuts every time I see their email about password about to expire.  People either resort to password managers or start writing them down on sticky notes attached to the desk.

NIST recommends to remove periodic password change requirements: https://www.alvaka.net/new-password-guidelines-us-federal-government-via-nist/
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 10220
  • Country: gb
Re: Hackers hold a city hostage!
« Reply #30 on: May 31, 2019, 10:48:27 pm »
Yeah it's pointless. Keep same password + add 2FA = sorted. https://duo.com/
 

Offline madires

  • Super Contributor
  • ***
  • Posts: 4609
  • Country: de
  • A qualified hobbyist ;)
Re: Hackers hold a city hostage!
« Reply #31 on: June 01, 2019, 12:56:46 am »
But please don't use mobile/smart phones for 2FA. Too many reports of SIM swap attacks and scams.
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 10220
  • Country: gb
Re: Hackers hold a city hostage!
« Reply #32 on: June 01, 2019, 01:25:56 am »
Bit more compliated than that. Do use smartphones. Don't use SMS. Do use properly MDM controlled phones. Do use iOS. Don't use Android.
 
The following users thanked this post: apis

Online Electro Detective

  • Super Contributor
  • ***
  • Posts: 1981
  • Country: au
Re: Hackers hold a city hostage!
« Reply #33 on: June 02, 2019, 08:06:51 am »

Don't use passwords, toss the tech, upgrade your life to poor nomad living off the land = 99.9% Security   :popcorn:

Lets see hackers hack that  ;D

 

Offline apis

  • Super Contributor
  • ***
  • Posts: 1668
  • Country: se
  • Hobbyist
Re: Hackers hold a city hostage!
« Reply #34 on: June 11, 2019, 01:13:36 am »
Yeah it's pointless. Keep same password + add 2FA = sorted. https://duo.com/
Does duo have some advantage over other free H/TOTP apps, like google authentication?
 

Online bd139

  • Super Contributor
  • ***
  • Posts: 10220
  • Country: gb
Re: Hackers hold a city hostage!
« Reply #35 on: June 11, 2019, 01:48:19 am »
Yeah it does SSO as well.
 

Offline orion242

  • Supporter
  • ****
  • Posts: 626
  • Country: us
Re: Hackers hold a city hostage!
« Reply #36 on: June 21, 2019, 11:07:25 am »
another city popped with bull & shit for backups.

https://www.pcmag.com/news/369122/florida-city-to-pay-600-000-to-hackers-after-ransomware-att

These public officials need to be drawn out to the city circle and stoned for spending $600K of tax payer money to thieves over solid IT practices.
« Last Edit: June 21, 2019, 11:10:30 am by orion242 »
 

Offline james_s

  • Super Contributor
  • ***
  • Posts: 8401
  • Country: us
Re: Hackers hold a city hostage!
« Reply #37 on: June 21, 2019, 11:22:22 am »
It should be a criminal offense to pay the ransom. Doing so encourages the practice.
 

Offline orion242

  • Supporter
  • ****
  • Posts: 626
  • Country: us
Re: Hackers hold a city hostage!
« Reply #38 on: June 21, 2019, 11:34:05 am »
Agree for the most part.  There are cases that this is simply the lesser of two evils.  One would hope if your in a critical environment (far more than local gov), this is of little threat.  Sadly, that doesn't seem to be always the case.

I'm on CERT and other ICS mailing lists.  The warning of ransomware attacks on specific markets has been going out for a long time now.  Any governmental body has had warnings for couple years now.  Even if they ignore those, the press has been full of examples.  Its criminal negligence at this point in my mind.

On the bright side, I would hope that this changes the general decline in IT budgets I see.  Its a often discarded budget, yet more and more critically important area these days.  Least IMO.

« Last Edit: June 21, 2019, 11:53:46 am by orion242 »
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 4215
  • Country: nl
Re: Hackers hold a city hostage!
« Reply #39 on: June 21, 2019, 01:59:44 pm »
Cryptocurrency has been such a boon to the world ...

I don't see how increased IT budgets will help much as long as IT doesn't start embracing proper compartmentalization. IT security went down a wrong path early in its history and never recovered. Apart from a few security agencies and financial institutions, everyone is doing it wrong.
« Last Edit: June 21, 2019, 02:02:15 pm by Marco »
 

Offline james_s

  • Super Contributor
  • ***
  • Posts: 8401
  • Country: us
Re: Hackers hold a city hostage!
« Reply #40 on: June 21, 2019, 04:49:49 pm »
No, it's never the lesser of two evils. Paying the ransom, negotiating with terrorists, it's legitimizing their tactics and encouraging it and anyone who does so should face punishment. I don't care what the alternative is, by the time someone like that has you over a barrel it's too late.
 

Offline Berni

  • Super Contributor
  • ***
  • Posts: 2236
  • Country: si
Re: Hackers hold a city hostage!
« Reply #41 on: June 21, 2019, 07:14:07 pm »
Well security is not a easy thing to do.

New exploits are constantly found in software, so something that is considered pretty secure today might be vulnerable tomorrow. The IT staff have to constantly be up to date on the latest security trends and upgrade the servers as needed. It's not so easy to isolate a machine on a network. The clients will often want extra functionality and as this happens again and again there is more crap running on servers, and that crap wants to talk to other stuff etc..

But its not all about security, if someone is determined enough they can get in. Its more about having a backup of all critical systems. If a machine is important enough to be worth paying $10 000 or more to unlock it from ransomeware then that machine must have a full backup log somewhere in a safe place. And most importantly a backup need to be tested to work. It happens all too often that backups are in place, but when shit hits the fan and the machine has to be restored from a backup, it then turns out the backup image doesn't work.
 
The following users thanked this post: james_s

Offline madires

  • Super Contributor
  • ***
  • Posts: 4609
  • Country: de
  • A qualified hobbyist ;)
Re: Hackers hold a city hostage!
« Reply #42 on: June 21, 2019, 07:25:08 pm »
The damages including paying a ransom might be covered by an insurance policy. Increasing IT budgets is the right starting point, but the money has to be spent reasonably. Buying one expensive big box doesn't magically provide security. The IT infrastructure needs to be migrated from a single large LAN to cooperative islands to limit any impact of malware. Apply appropriate security practices. Backup, backup and backup! Train users on basic security and asking IT support if unsure about anything. Train IT staff on best current security practices. Set up network monitoring to spot problems early and check logs.
 

Offline orion242

  • Supporter
  • ****
  • Posts: 626
  • Country: us
Re: Hackers hold a city hostage!
« Reply #43 on: June 21, 2019, 07:54:46 pm »
The damages including paying a ransom might be covered by an insurance policy.

Since you have no idea who your paying, you cannot be sure your not funding terrorists or others under sanctions.  Don't expect insurance to hand out cash blindly, it won't happen.
 

Online Electro Detective

  • Super Contributor
  • ***
  • Posts: 1981
  • Country: au
Re: Hackers hold a city hostage!
« Reply #44 on: June 21, 2019, 08:14:02 pm »
If serial cheapskate corporats don't want to employ and or pay good IT staff decent money to carry their problems 24/7,  |O

then let them pay out more on the Rware instead,  >:D

and pray the accountants can do something about the loss.  :horse:




..Since you have no idea who your paying,

you cannot be sure your not funding terrorists or others under sanctions..


But you can be 99.9% sure of funding disgruntled employee/insiders,  >:( :rant:

shafted ex IT personel and or suss temp fill in geeks,

or a partner with expensive bad habits that wants to financially cripple the business

so one of his mates or rels, or his irate loan shark can buy it for a box of donuts.  >:D

 
« Last Edit: June 21, 2019, 08:28:57 pm by Electro Detective »
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 4215
  • Country: nl
Re: Hackers hold a city hostage!
« Reply #45 on: June 21, 2019, 08:53:20 pm »
Well security is not a easy thing to do.

New exploits are constantly found in software, so something that is considered pretty secure today might be vulnerable tomorrow.
Except for the completely incompetent ones they know where their attack surfaces are ... yet all they really do about zero days is pray it doesn't hit them and they can patch their software after they becomes non zero day.

Just let everyone browse the web ... including sysadmins with remote access to everything. What's the worst that can happen?
 
The following users thanked this post: Electro Detective

Offline orion242

  • Supporter
  • ****
  • Posts: 626
  • Country: us
Re: Hackers hold a city hostage!
« Reply #46 on: July 07, 2019, 03:02:15 pm »
Backups...

Not complicated, not expensive, nothing remotely new.  Even on the minimum budget, there is almost no reason to have a solid backup plan that would eliminate ransomware to anything more than a short term outage.  If gov body isn't willing to spend a minimal amount to cover solid backup strategy, they should be subject to a public hanging.

This ignores the common HD failure or other natural event failure of their main systems that they are apparently ignoring.  There is simply no reason to not have mission critical systems backed up.  IT 101...hello.
« Last Edit: July 07, 2019, 03:07:05 pm by orion242 »
 
The following users thanked this post: james_s

Offline orion242

  • Supporter
  • ****
  • Posts: 626
  • Country: us
Re: Hackers hold a city hostage!
« Reply #47 on: Yesterday at 03:41:30 am »
Quickbooks cloud hosting provider popped with ransomware.  Bet that's going to be a record payout if their backups are hosed.

https://krebsonsecurity.com/2019/07/quickbooks-cloud-hosting-firm-insynq-hit-in-ransomware-attack/

How safe is your data with these cloud services exactly?  Small gov bodies are peanuts if these jokers can roll up a cloud provider.
« Last Edit: Yesterday at 04:01:56 am by orion242 »
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf