Free Republic

Dozens of countries hit by huge cyberextortion attack
Associated Press | May 12, 2017 | ANICK JESDANUN, JILL LAWLESS and ARITZ PARRA

Posted on 05/12/2017 4:12:56 PM PDT by monkapotamus

NEW YORK (AP) — Dozens of countries were hit with a huge cyberextortion attack Friday that locked up computers and held users’ files for ransom at a multitude of hospitals, companies and government agencies.

It was believed to be the biggest attack of its kind ever recorded.

The malicious software behind the onslaught appeared to exploit a vulnerability in Microsoft Windows that was supposedly identified by the National Security Agency for its own intelligence-gathering purposes and was later leaked to the internet.

(Excerpt) Read more at apnews.com ...


TOPICS: News/Current Events
KEYWORDS: globalcyberattack; globalransomware; hack; nsa; windowspinglist

1 posted on 05/12/2017 4:12:56 PM PDT by monkapotamus

To: monkapotamus

I work in cyber security. We are already not able to keep up with customer demand. Nor can we find qualified people. I get the feeling that this is only going to make things worse for me. Good job security I guess.


2 posted on 05/12/2017 4:15:14 PM PDT by taxcontrol

To: monkapotamus

The sources of these attacks can be tracked down but the nations where they come from won’t go after the criminals.


3 posted on 05/12/2017 4:23:11 PM PDT by fella ("As it was before Noah so shall it be again,")

To: monkapotamus

I have not read about any Linux computers being affected.


4 posted on 05/12/2017 4:25:03 PM PDT by TexasRepublic (Socialism is the gospel of envy and the religion of thieves. Socialism is governmental theft!)

To: taxcontrol
IAPP, DarkReading, and ThreatPost, among others, have this front and center. If you're on a Windows machine, be 100% certain your systems are patched!

Here's the Microsoft bulletin on this:

Security Update for Microsoft Windows SMB Server (4013389)

5 posted on 05/12/2017 4:26:54 PM PDT by rarestia (Repeal the 17th Amendment and ratify Article the First to give the power back to the people!)

To: TexasRepublic

Good point. This should cause people to reevaluate the dependence on windows.


6 posted on 05/12/2017 4:28:05 PM PDT by BlackVeil ('The past is never dead. It's not even past.' William Faulkner)

To: TexasRepublic

nor Macs


7 posted on 05/12/2017 4:28:18 PM PDT by Rio (Proud resident of the State of Jefferson)

To: TexasRepublic
> I have not read about any Linux computers being affected.

Ding ding ding ... we have a winner!

Windows' fundamental architecture makes it insecure, period.

8 posted on 05/12/2017 4:30:55 PM PDT by SecondAmendment (Restoring our Republic at 9.8357x10^8 FPS)

To: BlackVeil

The problem isn’t Windows; it’s failure to update, and clinging to, older versions that are less secure. Windows 10 has automatic updates of an anti-virus app that blocks ransomware.


9 posted on 05/12/2017 4:39:03 PM PDT by Socon-Econ

To: taxcontrol
I was attacked yesterday, running Win 10 Surface Pro 3, Comcast wireless router.

So I had about 20 tabs open under Chrome and Edge (I use a bit of both) and one of the tabs starts flashing and I am locked out of all other tabs. I press on the flashing tab and a message pops up with an alert of a worm/virus intrusion.

Here is the message:

See the 'Microsoft' phone at the bottom. I called it and a person answered saying they were Microsoft. I said Ok, here's the message I am getting. The person starts talking nonstop telling me to go to the 'run' cmd window and type 'hh microsoft'.

I ask how do I know you are Microsoft? The person on the other end assures me they are Microsoft and not to worry, just enter the cmd and press enter. I do that. Then windows start popping up and things are installed on my SP3.

In the meantime, I take a snapshot of the message above and look up a Microsoft support number on the internet while listening to the person on the other end lecture me about IT and network matters, telling me my entire network and IP address is reached, damaged, compromised.

I knew I had been taken in a senior like moment. I should have been sharper, quicker, never letting it get that far.

The conversation kept meandering and I asked again "How do I know you are Microsoft?". I asked, "Where is all this leading?" "Why are you spending time 'educating me' and not telling me how I can get this all fixed?"

And this lecture continued until a minute later I was told that I would receive anti-hacking tools, for a 'cost'.

Uh-huh ... Bullsh*t.

I disconnected the SP3 from the wireless internet router and went to the router and pulled the plug.

I called Microsoft support and after paying $99, I talked to a pro who spent a good chunk of time getting all the crap that was installed off, a massive amount of intrusion files. The Microsoft Pro saw the message above with the phone number and checked it was not a Microsoft number nor the number of any affiliate. It was a scam which I had the sense to realize but should have been quicker to sense.

So here's what you do:

Have a real Microsoft support number handy. When you get some sort of lockout event and a message with a Microsoft phone number, first pull the plug on your router, then call the real Microsoft number and verify the message phone number is real or not. They won't charge for checking phone numbers.

Then start running security scans and get rid of all the crap that got downloaded. If you're still unsure, consider paying for a Microsoft Pro to get cleaned up and steer you back to safety.

10 posted on 05/12/2017 4:55:51 PM PDT by Hostage (Article V)

To: All

Oh, and Microsoft, the real Microsoft told me I was one of the lucky few for having pulled the power plug on the wireless router.


11 posted on 05/12/2017 4:58:06 PM PDT by Hostage (Article V)

To: taxcontrol
> I work in cyber security. We are already not able to keep up with customer demand. Nor can we find qualified people.

Couldn't someone offer a huge amount of money to anyone who can develop software to track down and identify these criminals? Or is that naive thinking?

12 posted on 05/12/2017 5:00:43 PM PDT by American Quilter (President Trump's making good on his campaign promises--it's morning in America!)

To: monkapotamus

I knew I shouldn’t have pressed Ctrl-X-Enter.


13 posted on 05/12/2017 5:05:27 PM PDT by heights

To: rarestia

That bulletin is for March.... this is a new variation which has been hitting over 40 countries now.

My brother and I were discussing it this afternoon from his workplace....it’s coming in on e-mail.....so people should watch what they are clicking open carefully. They should do that anyway.....


14 posted on 05/12/2017 5:10:07 PM PDT by caww

To: Socon-Econ
Well, that is kind of right. It is a failure to patch. This is a vulnerability in SMB - server message block. It is explained in more detail in MS17-010.

Shadow Brokers released the NSA tools almost a month ago. So, affected businesses had plenty of time to patch. They chose not to, for whatever reason. As for AV 'blocking' the ransomware, I would not rely on that. Generally speaking, in terms of new malware, AV does NOT catch the dropper. And is often behind in catching the payload as well. I'm not saying don't have AV - definitely DO. But thinking that because you have it, you are good to go is a big mistake.
15 posted on 05/12/2017 5:10:55 PM PDT by softengine

To: monkapotamus

Hectoring people on the OS that is run on their system is like blaming the gun for someone’s death. It is who pulled the trigger that is to blame.

Attacking hospitals is beyond the pale and ought to bring with it the death penalty.

I am not kidding.


16 posted on 05/12/2017 5:15:53 PM PDT by eddie willers

To: taxcontrol

Alert!!!!.....THIS THING IS HUGE AND BAD NEWS!

DAY THE EARTH WAS HACKED....Drudge has Good Articles on this:

BIGGEST RANSOMWARE OUTBREAK EVER... DEVELOPING...

AT LEAST 99 COUNTRIES ATTACKED...

NSA CYBER WEAPON...

HOSPITALS CRIPPLED, TELECOMMS SNARLED...

GERMAN TRAIN CHAOS...

RUSSIAN GOVT HIT...

SPEED AND SCALE STARTLES EXPERTS...


17 posted on 05/12/2017 5:16:30 PM PDT by caww

To: eddie willers

It’s now believed to be the biggest cyber attack of its kind ever recorded.

Mikko Hypponen, chief research officer at the Helsinki-based cybersecurity company F-Secure, called the attack “the biggest ransomware outbreak in history.”

The attack appeared to be caused by a self-replicating piece of software that enters companies and organizations when employees click on email attachments, then spreads quickly internally from computer to computer when employees share documents and other files.


18 posted on 05/12/2017 5:20:31 PM PDT by caww

To: SecondAmendment

FBI Gives Hollywood Hacking Victims Surprising Advice:

.. “Pay the Ransom”...

The frequency of the attacks has overwhelmed the FBI’s Los Angeles field office, which has been unable to properly investigate all of them. The FBI’s surprising advice, according to industry sources: Pay the ransom. After all, the hackers aren’t asking much more than a Cannes hotel tab. In all of the Hollywood extortion cases, the hackers demanded less than $80,000. A law enforcement source says that in California, losses would need to exceed $50,000 for the U.S. Attorney’s office to prosecute, thus keeping the FBI from pursuing most of these cases.

http://www.hollywoodreporter.com/news/fbi-gives-hollywood-hacking-victims-surprising-advice-pay-ransom-1001515


19 posted on 05/12/2017 5:26:12 PM PDT by caww

To: monkapotamus

Need to see a clean out at the CIA and NSA for developing the tools in the first place and then to compound their stupidity, allowing them to be stolen and released.


20 posted on 05/12/2017 5:32:05 PM PDT by RetiredTexasVet (Dan Rather, a 60 Minutes Investigative Reporter for CBS, invented "Fake News"-fake but accurate.)

