Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool

NY Times ^ | May 12, 2017 | NICOLE PERLROTH and DAVID E. SANGER

[Innovative]

Hackers exploiting malicious software stolen from the National Security Agency executed damaging cyberattacks on Friday that hit dozens of countries worldwide, forcing Britain’s public health system to send patients away, freezing computers at Russia’s Interior Ministry and wreaking havoc on tens of thousands of computers elsewhere.

The attacks amounted to an audacious global blackmail attempt spread by the internet and underscored the vulnerabilities of the digital age.

Transmitted via email, the malicious software locked British hospitals out of their computer systems and demanded ransom before users could be let back in — with a threat that data would be destroyed if the demands were not met.

By late Friday the attacks had spread to more than 74 countries, according to security firms tracking the spread. Kaspersky Lab, a Russian cybersecurity firm, said Russia was the worst-hit, followed by Ukraine, India and Taiwan. Reports of attacks also came from Latin America and Africa.

[SaveFerris]

[Never open an email attachment.]

Hey they did it where I worked. From a trusted business partner site. Ransomware. Encrypted everything on that computer which prevented the operator from forward that email to the engineering department. Yes, ransomware.

My reward for shutting down the machine after informing them it was hosed? Cursed at and then a hostile work environment that never shut down the insurgency. Totally messed-up and amateurish installation with absolutely no concept of best practices.

It’s amazing at least 3 machines weren’t destroyed. I stopped them from hitting Engineering but they then were trying to link to another computer when I happened to walk in and ask what in the world they were doing.

Incredible.

[palmer]

I see people are suggesting updates hoping for security patches. The problem is that 99% of each update is more unnecessary crap, only 1% is security patches. The unnecessary crap just adds new vulnerabilities. MS wants to push you into a "free" continuously updated OS that constantly enables a bigger revenue stream by capturing and selling your personal info.

MS is ransomware lite. They support the hackers by adding new poorly written crap. For example MS now adds a bunch of unnecessary listen ports that can't be uninstalled (but they can be blocked with a non-MS firewall). Intel is almost as bad providing a listen port independent of the OS. It's hard to practice safe networked computing when MS and Intel are making it less safe.

[Mycroft Holmes]

An adversary might try to de-anonymize the user by some means. One way this may be achieved is by exploiting vulnerable software on the user's computer.[11] The NSA had a technique that targets a vulnerability – which they codenamed "EgotisticalGiraffe" – in an outdated Firefox browser version at one time bundled with the Tor package,[12] and in general, targets Tor users for close monitoring under its XKeyscore program.[13] Attacks against Tor are an active area of academic research,[14][15] and are welcomed by the Tor Project itself.[16] However, Tor was not only developed for a time in the early 2000s by individuals who "were on contract from DARPA and the U.S. Naval Research Laboratory", but since its inception the bulk of its funding has come from the federal government of the United States.

[FreedomOfExpression]

How much effort would it take them to support XP? Or at least offer free upgrades to Win 7? Why not?

They are in business to make money. Supporting a 15+ year old outdated product with a small user base takes resources. Resources that can be better used to offer support for newer versions of the product.
Giving away products, similar answer regarding money, but there are technical issues as well. Each new operating system has CPU and memory requirements that older computers may not meet. Granted, with Windows 7 it is a lower threshold, but some old computers running XP won't meet the requirements.
One thing overlooked is the drivers required to make things function. The hardware manufacturers, if they are still in business, will not continue to put out new drivers for newer operating systems for those outdated products, and it would be cost prohibitive and in some cases impossible for Microsoft to come up with drivers that work with very old hardware that is not even available anymore.

Windows 8 is another conversation entirely. You won't get any argument from me about that dumb move.

[Caipirabob]

I dunno. I’m more worried about a Microsoft patch taking out my PC than anything else.

[GailA]

FedEx in Memphis was hit.

[Delta 21]

[AppyPappy]

Updating machines is frequently up to the user. That’s what happened to us. Boxen used by grad students that had Automatic Windows Update turned off because they don’t want to reboot the machine.

I have a machine that does not have this update....because it has been turned off for several weeks.

[SaveFerris]

Oy, and here I sit with two 8.1 devices....one a tablet that I rarely use.

[SaveFerris]

I heard that. It’s jacked up a machine more than once for me.

[FreedomOfExpression]

Ah, 8.1 is a lot better than 8.0 from what I have heard. I occasionally use a computer with 8.1, but I'm not really used to it.
If you got used to Windows 8.1 and it works for you, there's no problem. It's just that I mainly prefer the interface of other versions over windows 8.

[SaveFerris]

I miss Windows 98 SR2. Ah, the good old days.

[PLMerite]

See what happens when you encourage “whistle blowers?”