Huge International Cyberattack

Technical Questions & Discussions about Computers, IT & electronics.
tinpeeba
udonmap.com
Posts: 167
Joined: March 14, 2006, 2:51 am
Location: London or Udon

Huge International Cyberattack

Post by tinpeeba » May 13, 2017, 3:10 am




User avatar
BobHelm
udonmap.com
Posts: 18404
Joined: September 7, 2005, 11:58 pm
Location: Udon Thani

Re: Huge International Cyberattack

Post by BobHelm » May 13, 2017, 7:12 am

Now up to 99 countries affected.

It is, apparently, the system developed by the US National Security Agency & then hacked from them & released onto the web earlier this year.
As Microsoft released updates to prevent this working in March I find it a little difficult to have much sympathy with those now having issues... :(

User avatar
parrot
udonmap.com
Posts: 8975
Joined: March 19, 2006, 8:32 pm

Re: Huge International Cyberattack

Post by parrot » May 13, 2017, 3:10 pm

Wonder how Thai government systems will fare?

https://www.nytimes.com/2017/05/12/worl ... nings.html

SJP17
udonmap.com
Posts: 537
Joined: May 16, 2012, 5:39 pm

Re: Huge International Cyberattack

Post by SJP17 » May 13, 2017, 3:41 pm

I can understand that crooks might do it for financial gain or to get classified info then sell it but I really don't get why they hack places for no reason other than to disrupt the service ???

User avatar
BobHelm
udonmap.com
Posts: 18404
Joined: September 7, 2005, 11:58 pm
Location: Udon Thani

Re: Huge International Cyberattack

Post by BobHelm » May 13, 2017, 3:46 pm

Oh, they have a reason....money
NHS staff shared screenshots of the WannaCry programme, which demanded a payment of $300 (£230) in virtual currency Bitcoin to unlock the files for each computer.
A small amount, but I gather that the bitcoin accounts that the affected are told to pay into are increasing rapidly in value!!

User avatar
FrazeeDK
udonmap.com
Posts: 3688
Joined: February 13, 2006, 2:02 am
Location: Udon Thani Thailand

Re: Huge International Cyberattack

Post by FrazeeDK » May 13, 2017, 5:40 pm

so, keep backups of your key files for such an eventuality.. If you get infected and your files get locked then wipe the PC/laptop and reload a new O/S and restore you key files.. Yeah, you'll always lose something but if you backup regularly to either a thumb drive, external hard drive or the "cloud" you'll be covered.. Of course, if you don't click on dodge links or open strange e-mails then you'll stand a better chance of staying digitally clean..
Dave

User avatar
BobHelm
udonmap.com
Posts: 18404
Joined: September 7, 2005, 11:58 pm
Location: Udon Thani

Re: Huge International Cyberattack

Post by BobHelm » May 13, 2017, 7:33 pm

I understand that the problem with the NHS is that they are still using Windows XP.
This is no longer supported by Microsoft, so no upgrades released to prevent the EternalBlue loophole in the system by Microsoft in March of this year.
The NHS are still using XP because they have bespoke software that needs adjusting before it would work with newer Microsoft OS...

Hopefully the Government & the NHS now understand the error of their ways & fix the underlying issue soon rather than later.
Although it will take some one with special skills - the attempt to replace the current system started in 2002 & was eventually abandoned in 2013, after having £10bn spent on it. :(

User avatar
pf-flyer
udonmap.com
Posts: 498
Joined: April 4, 2007, 11:25 pm
Location: Udon Thani - Amphur Nong Han

Re: Huge International Cyberattack

Post by pf-flyer » May 14, 2017, 7:20 am

There is an article in USA Today with more information on the Cyberattack.
" How a 22-year-old inadvertently stopped a worldwide cyberattack "
Please note this advise at the end of the article
" This makes it all the more important that computers and networks quickly install the Windows patches that fix the problem that allowed the code to so easily spread in the first place. Microsoft issued that patch on March 14 but clearly many systems had not installed the crucial new software."

[url]https://www.usatoday.com/story/tech/new ... 101637152/[/url]
"Life is like a tube of toothpaste. Outward pressure brings out the inward contents."

User avatar
rjj04
udonmap.com
Posts: 1156
Joined: February 25, 2008, 2:51 am

Re: Huge International Cyberattack

Post by rjj04 » May 14, 2017, 8:04 am

This is all so ridiculous. I can't believe that something as important as an entire healthcare system for a nation is reliant on Windows crappola. How anybody would install windows period is beyond me, any task that can be done on that OS can be done on Linux, and faster. If people don't wake up after this, I guess nothing will wake them up. You guys and gals carry on buying your "anti-virus" software, and installing your emergency patches, and panicking every time some hole appears in that proprietary sw as your master keeps back-doors in their garbage software for the NSA and whomever else will pay for it. :roll:

User avatar
BobHelm
udonmap.com
Posts: 18404
Joined: September 7, 2005, 11:58 pm
Location: Udon Thani

Re: Huge International Cyberattack

Post by BobHelm » May 14, 2017, 8:19 am

I had a friend who was working on the aborted NHS system upgrade project.
He said that it was the most frustrating project he had ever worked on (& he had worked on some with me, so it must have been bad :D ).
There are something like 220 separate Health Authorities/Trusts. Within them there are clinics, hospitals, General Practitioners, Health visitors etc. - all with different requirements & ideas.

As an example, he told me it was impossible to even get a consensus of what the e-mail address should look like across 1 authority - let alone getting all 220 to agree on one.
If something as basic as that could not be resolved, then there was little chance for the project.

No one in authority appeared to have the guts or ability to set a strategy & just tell everyone to 'get on with it'.!!

User avatar
karonsteve
udonmap.com
Posts: 335
Joined: August 8, 2012, 8:37 pm

Re: Huge International Cyberattack

Post by karonsteve » May 14, 2017, 10:10 am

10 years and 10 billion pounds and no one had the guts to mandate what the system would be? Shocking but a great earner for all of the consultants on contract. Milk dat cow.

User avatar
rjj04
udonmap.com
Posts: 1156
Joined: February 25, 2008, 2:51 am

Re: Huge International Cyberattack

Post by rjj04 » May 14, 2017, 10:49 am

The US Congress recently passed a law to allow US parties to sue a foreign government (Saudi Arabia 9/11 in particular). Does this mean the NHS can sue the NSA, or is it double standards again.... aiding terrorists/extortionists that take down an entire healthcare system... seems good grounds for a lawsuit to me [-o< I wonder how many thousands of people will suffer or die because of this? Not getting timely treatment or meds!! :-k

User avatar
parrot
udonmap.com
Posts: 8975
Joined: March 19, 2006, 8:32 pm

Re: Huge International Cyberattack

Post by parrot » May 14, 2017, 4:13 pm

rjj04 wrote:The US Congress recently passed a law to allow US parties to sue a foreign government (Saudi Arabia 9/11 in particular). Does this mean the NHS can sue the NSA, or is it double standards again.... aiding terrorists/extortionists that take down an entire healthcare system... seems good grounds for a lawsuit to me [-o< I wonder how many thousands of people will suffer or die because of this? Not getting timely treatment or meds!! :-k
Judging from the news I've read, the NHS was at fault for having an archaic operating system.

I've known people with Windows 10 who have auto updates turned off. You're defeating the whole purpose (and benefits) of Windows 10 when you do that.....unless you're constantly checking for updates yourself.

If I understand the situation correctly, it's more of the same story......people with high powered computers (what the common person has today) but lacking the proper protocol for using one.

User avatar
rjj04
udonmap.com
Posts: 1156
Joined: February 25, 2008, 2:51 am

Re: Huge International Cyberattack

Post by rjj04 » May 14, 2017, 6:29 pm

parrot wrote:
Judging from the news I've read, the NHS was at fault for having an archaic operating system.

I've known people with Windows 10 who have auto updates turned off. You're defeating the whole purpose (and benefits) of Windows 10 when you do that.....unless you're constantly checking for updates yourself.

If I understand the situation correctly, it's more of the same story......people with high powered computers (what the common person has today) but lacking the proper protocol for using one.
http://www.truthdig.com/report/item/nsa ... k_20170513

Well, from what I understand, and I could be mistaken, the NSA - more than likely due to their having access to the MSFT source code - created the hacking tool that was used in this event. Their hacking tool was then apparently hacked/stolen by somebody else. If those other people could have written the code themselves they wouldn't have needed to steal it from the NSA in the first place. I know the NSA has a lot of resources (read $$$$) but personally I think they could only come up with these tools by analyzing the source code directly. De-compiling sw hasn't progressed that much (might be mistaken here too). Working in assembly code is a pain. So, the NSA's special access and their desire to be able to break into any citizen's (including any average American citizen) machine is the reason this tool exists today... and the reason it was able to be deployed in this extortion racket. If the NSA didn't create it, then the event would not have happened!!

As far as Windows XP being "archaic" and that being the problem... I could install a linux version from ten or fifteen years ago on any old PC, and I bet it could not be hacked successfully. It has nothing to do with the mere fact XP is old. Windows XP wasn't designed with security in mind... hence the idiotic anti-virus sw that people have to have run continually in Windows. Linux machines aren't constantly running anti-virus sw. Perhaps once or twice a month a rootkit check is run which takes a few minutes, just in case.

User avatar
Udon Map
Admin
Posts: 1450
Joined: July 31, 2013, 7:57 pm

Re: Huge International Cyberattack

Post by Udon Map » May 14, 2017, 9:29 pm

rjj04 wrote:If those other people could have written the code themselves they wouldn't have needed to steal it from the NSA in the first place.
Or, they decided that it was easier to steal it than write it themselves. Why reinvent the wheel?

User avatar
rjj04
udonmap.com
Posts: 1156
Joined: February 25, 2008, 2:51 am

Re: Huge International Cyberattack

Post by rjj04 » May 14, 2017, 10:02 pm

Udon Map wrote:
rjj04 wrote:If those other people could have written the code themselves they wouldn't have needed to steal it from the NSA in the first place.
Or, they decided that it was easier to steal it than write it themselves. Why reinvent the wheel?
Perhaps, but if the NSA was able to detect the intrusion and trace back to individuals.... drone strike in 3...2...1
Seems a bit dangerous, but I have zero expertise in this area, so who knows.

User avatar
BobHelm
udonmap.com
Posts: 18404
Joined: September 7, 2005, 11:58 pm
Location: Udon Thani

Re: Huge International Cyberattack

Post by BobHelm » May 15, 2017, 6:49 am

From what I read at the time..

A considerable time ago, the NSA discovered a flaw in the Microsoft software. That is not unusual, private security consultants discover these sort of flaws every month.
The official process is then for the private security consultants to privately inform Microsoft (or whichever of the Software Manufacturers it is) of the flaw & give them a 'reasonable amount of time' to create & issue a 'patch' to fix the flaw. If the company does nothing 'after a reasonable amount of time' then it is generally considered 'fair & reasonable' for the consultants to announce it to the world & so shame the company into fixing their software.

In the case of the flaw discovered by the NSA, they just kept quiet about it. They would have had little need to do that unless they had intentions to exploit it themselves.

Then the NSA were hacked earlier this year & the flaw discovered by the hackers. The 'official' line then was
'Yeah, well this is old stuff & doesn't effect anyone now'.
I think the events on Friday have pointed out the flaw in that..

It would seem that this is another case of where 'watching the watchers' has proved highly inadequate.

User avatar
Udon Map
Admin
Posts: 1450
Joined: July 31, 2013, 7:57 pm

Re: Huge International Cyberattack

Post by Udon Map » May 15, 2017, 9:42 am

BobHelm wrote:From what I read at the time..

A considerable time ago, the NSA discovered a flaw in the Microsoft software. That is not unusual, private security consultants discover these sort of flaws every month.
The official process is then for the private security consultants to privately inform Microsoft (or whichever of the Software Manufacturers it is) of the flaw & give them a 'reasonable amount of time' to create & issue a 'patch' to fix the flaw. If the company does nothing 'after a reasonable amount of time' then it is generally considered 'fair & reasonable' for the consultants to announce it to the world & so shame the company into fixing their software.

In the case of the flaw discovered by the NSA, they just kept quiet about it. They would have had little need to do that unless they had intentions to exploit it themselves.

Then the NSA were hacked earlier this year & the flaw discovered by the hackers. The 'official' line then was
'Yeah, well this is old stuff & doesn't effect anyone now'.
I think the events on Friday have pointed out the flaw in that..

It would seem that this is another case of where 'watching the watchers' has proved highly inadequate.
Also a golden opportunity for MS to tout the advantages of using only legitimate and registered copies of Windows and keeping automatic updating options fully enabled. As I understand it, this only affected XP users. XP support was terminated a few years ago. Users of subsequent legitimate versions of Windows received a security update to protect against this and were not affected, right?

User avatar
BobHelm
udonmap.com
Posts: 18404
Joined: September 7, 2005, 11:58 pm
Location: Udon Thani

Re: Huge International Cyberattack

Post by BobHelm » May 15, 2017, 10:11 am

It was mainly XP users, who were certainly not protected, anyone still using Windows 8 would have been similarly vulnerable.
As long as users of newer versions of the Microsoft OS - 7 & 8.1 - had applied the March 14th. update then they would not have had issues..
Not sure about Windows 10, certainly no worse than Windows 7 & 8.1 users & I imagine that the new 10 Creator update that Microsoft just rolled out would not need patching.

Interestingly, Microsoft themselves are, publicly, less than pleased with the NSA than users :D
‘Like letting Tomahawk missiles get stolen’: Microsoft slams NSA mishandling of exploits
https://www.rt.com/usa/388374-microsoft ... wk-attack/

User avatar
rjj04
udonmap.com
Posts: 1156
Joined: February 25, 2008, 2:51 am

Re: Huge International Cyberattack

Post by rjj04 » May 15, 2017, 11:59 am

A couple of decades ago the NSA actually was a positive force. It did things like collaborate with Red Hat and other Linux developers to create Security Enhanced Linux (SELinux), which is a mainstay of Fedora security. They helped keep the "National Security". Since then, we see through the Snowden revelations and others, that they are doing quite the opposite and actually creating malware tools and harming overall security. That the NSA just "discover" holes in code, sit there in an "aw-shucks" manner, and just twiddle their toes... come on, please!! [-X How many more whistle-blowers need risk their lives before people see the light? The "official process" :roll: Why don't they use a tiny bit of their massive budget and try to enhance the cyber security of the nation... as they used to do.

Locked

Return to “Computers, IT & Electronics”