
The current malware attacks and an interesting website.

Discussion in 'General Chat' started by Zathrus, May 18, 2017.

  1. Zathrus

    Hello all,

    I thought some of you might find the page I am going to link below interesting. It is essentially a world map that is tracking, in real time, all actual attacks on all networks.

    It is the type of page Engineers tend to like....

    As an example, here is the map displaying the "WannaCry" ransomware attack today, 05/18/2017:
    [IMG]
    Below that you can watch a graph that is tracking actual numbers based on time and individual attacks... or the sum of all attacks.
    [IMG]
    This is a graph of the last hour of "wannacry" attacks only as I write this.
    You can see that even though they have been battling this attack for almost 7 days, it is still not under control.

    This current ransomware attack is exactly why I oppose any intelligence agency asking any entity for the key to their base code encryption. One of the reasons the current attack (the malware is called "WannaCry Malware") is being so successful is that not only is it using the standard phishing email entry system typically used... but it also uses a second method of infection, which is called the "EternalBlue Exploit".

    The EternalBlue Exploit is believed by most security firms to have been developed by the NSA, since it was released only after hackers broke into the NSA and published a bunch of classified materials. Apparently "EternalBlue" is within those classified materials.

    The fact is, once you have given anyone the key to your base code encryption.... eventually everyone with an internet connection has access to the key to your encryption... that is how the internet works.

    No entity of any kind (not corporations, individuals, govs. etc.) should ever be asked for the keys to their base code encryption. When we do force someone to provide this... it means that system is now at the mercy of whoever happens to be holding the keys... which could be anyone with access to the internet.


    Here is the website the pictures above were taken from: https://intel.malwaretech.com/
     
  2. Sylak

    Interesting map!

    Microsoft rolled out a patch for this issue in March; they have known about it since March. Like Windows and Microsoft or not, at least they know and assume they are going to be attacked. Unlike Apple, who made the worst marketing stupidity ever and made people believe (up to a religious level for some) that their OS is bulletproof. So users get malicious software and they don't understand why.

    The problem is that a lot of users, institutions and companies use dated software (MS even put out a small 600km patch for XP to patch that security breach that let WannaCry spread), and they don't update often enough. Most of our clients are up to date; most have auto-update (not on servers, obviously, because it's better to control the server update and reboot) on desktops, and even a WSUS server (which is "free" in the sense that once you have a Windows Server licence, that feature doesn't need an additional licence, unlike Exchange for example). Unfortunately some... not so much.

    We have been working overtime (AKA me and my colleague Anthony) to update the servers and desktops of our clients and also clean up and update their Kaspersky (and Kaspersky Security Center on the server) for a couple of them, just to be safe. I probably went over 200 desktops, remotely and on site, plus 20 servers in the last week (in the servers' case outside office hours, of course, so they don't lose productivity). None had ransomware lately (we had a cluster last autumn/winter). But we are in the "better safe than sorry" category, and our clients, well, not all of them, like our philosophy. Yes, they have to pay for technician time for something where they don't really see a difference. But we had clients who didn't want to pay, and at one point they always regret it. No one is bulletproof.

    Like I said, we had 3 clients last year in the same couple of months who got ransomware (one happened in my face as I was investigating a problem, a service crashing because it got encrypted, in my freaking face). One of the managers asked if they should pay. We explained that no, you don't do that: 1) in doing so you condone a crime, 2) you become a "paying target". Yes, the "hacker" (nobody needs technical knowledge to send 1000000 emails with a ransomware you downloaded on the internet, that's why the scare quotes) might be "honest" and really give you the key and you recover everything; they are mostly "men/women of their word". But now this particular con artist will try you again and spread the word that you caved in and paid. So back the hell up.
     
  3. Zathrus

    Well.... there is a simple solution... but human nature dictates it is difficult to achieve.

    If everyone had complete backups and simply refused to pay such a ransom.... this would become a worthless endeavor for hackers.
    They would stop trying.
     
  4. Sylak

    Yep, I cannot blame users who clicked on those links; everybody can have a slip-up (except if they did it multiple times and never learned their lesson). Yeah, sometimes people are naive and not educated, but that is to blame the victim; you teach them and explain to them, and most of the time it works well. What I can blame is encouraging it. Like big companies paying because they don't care. I can also blame a stupid setup from someone "who knows computers" (but really doesn't). For example, we have a small client; they only have like 2-3 desktops they bought from us, and we give them support. The same PC got encrypted twice in 48 hours. The first time it was kind of funny: the ransomware was called Kitana and it changed the wallpaper to an image of the Mortal Kombat character Kitana. Also, the person was clearly from India, as the text message had an Indian accent in the writing. It's weird to explain, but the way the English was written clearly felt like someone from India (not to be racist or anything, my English writing clearly shows I'm not a native English speaker), but it was funny.

    So, my colleague rebuilt his system and gave it back to him. 24 hours later, encrypted again. He looked at his setup: the guy wanted to work remotely on his desktop, that's fine, but he didn't make a VPN, nope. He did a port-forward for port 3389 (the Windows Remote Desktop port) to go directly to his desktop, and his desktop password was... you guessed it... 1 2 3. After that, my colleague who was on that case had a little talk with him about this. But the guy "knew computers", yeah right. I think we set them up with a VPN and gave him a hard password, and convinced him not to change it. So get good information before setting stuff up. If in doubt, don't do it.
     
  5. Zathrus

    I did home onsite computer repair for people for a few years. I still do it periodically.

    In many cases the computer's problem is the user. Once I show them what they have been doing wrong... their problems go away.

    For example:
    A common problem... is people do not realize anything they put on their desktop, Windows will load into memory for quick access.
    I have had users call me explaining they are sure they have a virus because their computer has slowed to a crawl... After going to resolve their problem I discovered more than 1.9 gigabytes of pictures sitting on their desktop in folders or sometimes actual thumbnails.

    Well... they wanted easy access... I explain ... that is what shortcuts are for... and show them how to make them.

    To people like us who are computer power users daily, these things seem like common sense... but if you do not know... things like this are mysterious.

    We have a large percentage of the population (surprising number of young folks also) who essentially find computers mysterious in general.
    The younger ones are proficient at using computers... but ask them to solve an error or some kind of problem on it and they are completely lost.
    The older users tend to be more afraid of computers.... which makes them the computer's worst enemy.
     
  6. Sylak

    Yeah, or damn Windows and its temp files. I had a user in a client factory that had 17GB in the waste bin and 8Gb of temp files. lol.

    "The younger ones are proficient at using computers... but ask them to solve an error or some kind of problem on it and they are completely lost." Exactly. Growing up in the beginning of computers, we had to enter command lines, and debugging in the early Windows 3.1 and Windows 95 demanded a lot more knowledge than now. My brother realized that his students are good at picking up quickly how to use an interface or device. But ultimately they were clueless about HOW it works and why. Like basic stuff, like ipconfig/ifconfig (Windows or Linux), they are clueless. My brother and I had the same discussion.
     
