Hacking tools developed by NSA believed to be behind cyber attack on up to 99 countries - Politics Forum.org | PoFo

#14804689
Researchers believe hacking tools developed by the US National Security Agency were used in a global cyber attack that hit international shipper FedEx, disrupted Britain's health system and infected computers in nearly 100 countries.

Cyber extortionists tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings and other legitimate files overnight.

The ransomware encrypted data on the computers, demanding payments of $US300 to $US600 to restore access.

Security researchers say they observed some victims paying via the digital currency bitcoin, though they did not know how many had given in to the extortionists.

Researchers with security software maker Avast say they had observed 57,000 infections in 99 countries with Russia, Ukraine and Taiwan the top targets.

The most disruptive attacks were reported in Britain, where hospitals and clinics were forced to turn away patients after losing access to computers.


Read more at http://www.9news.com.au/technology/2017 ... OHQTwje.99
http://www.9news.com.au/technology/2017 ... ber-attack

Script kiddies got their hands on some fairly common malware floating around and modified it. I used to remove this from client laptops a couple years back. This one is apparently harder to get rid of. So far it has earned them $12,000 in ransom payments, but 80% of the infected countries were asleep as of this number. Many more will opt to pay.

Ignore the ill-informed article; you don't need to click on anything. The nastiest variant (there are over 8 now) spreads automatically if you connect to the internet via an unpatched OS. Even when patched, if you then go and click on an infected email attachment you will be screwed.

Who is at risk: Everyone using Windows, up to Windows 10, without the hotfixes from March 2017

Thus far the only solution if you get infected is to pay the ransom, or lose all your data and go for a fresh install. Live tracker of infections: https://intel.malwaretech.com/botnet/wc ... 4h&bid=all
Last edited by Igor Antunov on 13 May 2017 05:17, edited 1 time in total.
#14804699
^ what I was about to type

It is a sad note on sys admins who can't be bothered to stay on top of their systems. I get it, it is incredibly hard to do that with something like the NHS, which uses tons of specifically designed programs, and you can't risk those failing on newer platforms... but that doesn't mean you have an excuse to not update, clods.

Also, I would have hoped that a hospital system would be more segmented from the general networks. Apparently, just some Russian teenagers could win WWIII in 20 minutes for a bag of Cheetos and a Red Bull.
#14804728
My problem with Windows updates is that they screw up my computer more often than helping with anything; I don't have the money to let some computer shop unfreeze my computer every other week.
#14804760
Igor Antunov wrote: Because they're using unpatched versions of Win XP.

Yeah, I read about that and was left speechless.

AFAIK wrote: Windows 7 has been updating on and off for a week. Every other day there's something new to install or configure. It's been really frustrating not being able to use the computer for hours at a time.

That's odd. I'm running Windows 7 too and hadn't updated for two months. Today I had to install a total of 4 updates which took no longer than 10 minutes. Also, why aren't you able to use your computer when updating?
#14804761
You do use your computer while updating, as long as they aren't system files. Windows (finally) reached the point where it can patch a lot of issues in the background without the user being involved (in fact, this pisses off some tech people who want to control the version of the OS they are using for whatever admin reasons). It usually only points things out when it needs to reboot.

Always better to be safe than sorry.
#14804770
Zagadka wrote: ^ what I was about to type

It is a sad note on sys admins who can't be bothered to stay on top of their systems. I get it, it is incredibly hard to do that with something like the NHS, which uses tons of specifically designed programs, and you can't risk those failing on newer platforms... but that doesn't mean you have an excuse to not update, clods.

Also, I would have hoped that a hospital system would be more segmented from the general networks. Apparently, just some Russian teenagers could win WWIII in 20 minutes for a bag of Cheetos and a Red Bull.


One of the major reasons that they are not updating is the financial cost. Maybe they just do not allocate enough funds to the IT department. I worked at one place that was using old monitors and hardware from the 80s. They eventually did get new screens and upgraded to Windows 7 before I left though.
#14804780
A major reason they linger (especially in the public sector) when it comes to OS upgrades is because they don't want interruptions. Methods, hardware, software, IT staff with outdated knowledge, etc. become entrenched over time. Stagnation hits.

A hospital would essentially have to shut down for a few days while new operating systems were applied, with numerous teething problems cropping up to be addressed over subsequent days and weeks, causing further interruptions. They would also need to retrain the staff, and probably replace portions of the IT department. So they wing it and hope for the best. The health sector is also a major target for scammers who overcharge for software installation, maintenance and hardware by orders of magnitude. So you stick with the devil you know.

I have an example. Our local accounting firm (who do our taxes) upgraded to Windows 10 when they moved offices. They had a 2 week window of time to do so due to the move. It wasn't sufficient; their custom software experienced numerous issues and they had to roll back to Windows 7 to resume doing their work.
#14804788
Some pop-up told me to restart the computer for an update and I kept hitting postpone because I was using it. Then when I shut down the computer it spent a couple of hours doing its thing and the next day I turned it on and it spent a few hours configuring the new stuff before letting me in. Then I downloaded 300 optional add-ons and that froze halfway through. I had to delete and move stuff around to create space for all this, too.

This is the first update I'm aware of so maybe I just got hit with 4 years' worth at once.
#14804852
Up to 30% of US nuclear power plants still use Windows XP...

Microsoft has released emergency security updates for Windows XP.

Apparently some guy has accidentally activated a kill switch in the malware by registering a domain the malware creators implemented. This means the malware will cease spreading. However, it can easily be modified to resume its rampage.

'Accidental hero' halts ransomware attack and warns: this is not over

Expert who stopped spread of attack by activating software’s ‘kill switch’ says criminals will ‘change the code and start again’

https://www.theguardian.com/technology/ ... ber-attack
#14804971
True, but that usually only happens with the major updates (Anniversary, Creators, etc.). On average, I can get up, go to the bathroom and get another drink, then it'll be rebooted completely by the time I get back.
#14804974
<<< Thus far the only solution if you get infected is to pay the ransom, or lose all your data and go for a fresh install. >>>

The key is to do what everyone should be doing anyway, back up their data on a regular basis. If it's business data, then it should be done each day at the least.

Hard drives can crash at any time anyway. It is possible to retrieve the data off a crashed hard drive, I have done it, but it is much easier to back up data which is so easy to do these days.

Another thing, but I'm not sure how it would work in this particular case...make sure you always update your system restore points. You can do a system restore such as say from last week or whatever the past date is, and it should remove the malware, and take your computer back to the point of the restore. A fresh install wouldn't need to be done. I have picked up malware before, and the system restore quickly completely got rid of it every time. This hacker's malware might be different though, I'm not sure.
#14805021
Here we go again. More cyber attacks are predicted on Monday.
What is going to happen if the air traffic controllers' computers are hacked? Will planes be grounded?

Friday's cyber-attack has affected more than 200,000 victims in 150 countries, Europol chief Rob Wainwright says.
Speaking to Britain's ITV, he said the world faced an escalating threat, and there was concern about the level of potential attacks on Monday morning.
The virus took control of users' files, demanding payments; Russia and the UK were among the worst hit countries.
Security experts have warned that another attack is imminent and could be unstoppable.
Mr Wainwright said he was concerned that the numbers of those affected would continue to rise when people returned to work on Monday morning.
"We're in the face of an escalating threat, the numbers are going up," he said, adding that the current attack was unprecedented.
"We are running around 200 global operations against cyber crime each year but we've never seen anything like this.
"The latest count is over 200,000 victims in at least 150 countries. Many of those victims will be businesses, including large corporations. The global reach is unprecedented."
However, Mr Wainwright said that so far "remarkably few" payments had been made by victims of the attack.

BBC
#14805022
The worst part is that every machine exploited by this basically needs to be lit on fire instead of being used again, and no one will do that. Lord knows what backdoors the thing installs.

Not sure who to blame more, the administrators who let their network be so outdated, or the bosses not giving enough resources to them or shooting down proposals.