Posted on 05/12/2017 7:27:01 PM PDT by Innovative
Hackers exploiting malicious software stolen from the National Security Agency executed damaging cyberattacks on Friday that hit dozens of countries worldwide, forcing Britains public health system to send patients away, freezing computers at Russias Interior Ministry and wreaking havoc on tens of thousands of computers elsewhere.
The attacks amounted to an audacious global blackmail attempt spread by the internet and underscored the vulnerabilities of the digital age.
Transmitted via email, the malicious software locked British hospitals out of their computer systems and demanded ransom before users could be let back in with a threat that data would be destroyed if the demands were not met.
By late Friday the attacks had spread to more than 74 countries, according to security firms tracking the spread. Kaspersky Lab, a Russian cybersecurity firm, said Russia was the worst-hit, followed by Ukraine, India and Taiwan. Reports of attacks also came from Latin America and Africa.
(Excerpt) Read more at nytimes.com ...
[Never open an email attachment.]
Hey they did it where I worked. From a trusted business partner site. Ransomware. Encrypted everything on that computer which prevented the operator from forward that email to the engineering department. Yes, ransomware.
My reward for shutting down the machine after informing them it was hosed? Cursed at and then a hostile work environment that never shut down the insurgency. Totally messed-up and amateurish installation with absolutely no concept of best practices.
It’s amazing at least 3 machines weren’t destroyed. I stopped them from hitting Engineering but they then were trying to link to another computer when I happened to walk in and ask what in the world they were doing.
Incredible.
MS is ransomware lite. They support the hackers by adding new poorly written crap. For example MS now adds a bunch of unnecessary listen ports that can't be uninstalled (but they can be blocked with a non-MS firewall). Intel is almost as bad providing a listen port independent of the OS. It's hard to practice safe networked computing when MS and Intel are making it less safe.
An adversary might try to de-anonymize the user by some means. One way this may be achieved is by exploiting vulnerable software on the user's computer.[11] The NSA had a technique that targets a vulnerability which they codenamed "EgotisticalGiraffe" in an outdated Firefox browser version at one time bundled with the Tor package,[12] and in general, targets Tor users for close monitoring under its XKeyscore program.[13] Attacks against Tor are an active area of academic research,[14][15] and are welcomed by the Tor Project itself.[16] However, Tor was not only developed for a time in the early 2000s by individuals who "were on contract from DARPA and the U.S. Naval Research Laboratory", but since its inception the bulk of its funding has come from the federal government of the United States.
They are in business to make money. Supporting a 15+ year old outdated product with a small user base takes resources. Resources that can be better used to offer support for newer versions of the product.
Giving away products, similar answer regarding money, but there are technical issues as well. Each new operating system has CPU and memory requirements that older computers may not meet. Granted, with Windows 7 it is a lower threshold, but some old computers running XP won't meet the requirements.
One thing overlooked is the drivers required to make things function. The hardware manufacturers, if they are still in business, will not continue to put out new drivers for newer operating systems for those outdated products, and it would be cost prohibitive and in some cases impossible for Microsoft to come up with drivers that work with very old hardware that is not even available anymore.
Windows 8 is another conversation entirely. You won't get any argument from me about that dumb move.
I dunno. I’m more worried about a Microsoft patch taking out my PC than anything else.
FedEx in Memphis was hit.
Updating machines is frequently up to the user. That’s what happened to us. Boxen used by grad students that had Automatic Windows Update turned off because they don’t want to reboot the machine.
I have a machine that does not have this update....because it has been turned off for several weeks.
Oy, and here I sit with two 8.1 devices....one a tablet that I rarely use.
I heard that. It’s jacked up a machine more than once for me.
I miss Windows 98 SR2. Ah, the good old days.
See what happens when you encourage “whistle blowers?”
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.