Systems Worldwide Crippled in Massive Ransomware Attack

    Hkindiana

    Stupid question, but is it possible to get a virus simply by having your computer connected to the internet, if you NEVER visit web sites, and NEVER open e-mail attachments?
     

    ArcadiaGP

    Stupid question, but is it possible to get a virus simply by having your computer connected to the internet, if you NEVER visit web sites, and NEVER open e-mail attachments?

    If there are open ports and unpatched vulnerabilities... technically, yes. Attacks that just scan for vulnerable computers are rare, and those computers are typically protected by your router and other firewall technologies.

    Most attacks require human error.
     

    T.Lex

    Stupid question, but is it possible to get a virus simply by having your computer connected to the internet, if you NEVER visit web sites, and NEVER open e-mail attachments?

    Yes, but... it depends on your firewall and virus monitoring software. If you have any sort of effective firewall/virus check, it is pretty unlikely.

    Some of the recently released WikiLeaks/NSA techniques seem to make it more possible. I'm reading that the Ukrainian-centered outbreak is related to a spoofed software update protocol. Now, that would technically mean there was a download, but it wouldn't be like what you're kinda talking about.
     

    Phase2

    Stupid question, but is it possible to get a virus simply by having your computer connected to the internet, if you NEVER visit web sites, and NEVER open e-mail attachments?

    Not a stupid question at all. Simply admitting a point of ignorance and asking for help in remedying it.

    GPAI7R and T.Lex gave good answers, but the world of info security is very daunting. Security is a question of degree. It is not a yes/no thing. Having good defenses against one attack (ex: not opening e-mail attachments) doesn't protect you from others such as the Internet of Things (IoT) device that is communicating without your knowledge from your network, gets "owned" by someone and then goes on to infect other devices.

    Unfortunately, viruses (or the more general form "malware") have many routes towards getting into your system. Good practices are your best defense to avoiding attack or quickly recovering if you are hit anyway. The list of techniques to avoid/minimize malware is long, but here are some of the most significant techniques. These are oriented towards home users, but have a lot of overlap with business/organizational info security.

    • A good *and* automatic backup system. Having to remember to manually take steps to back up means that you won't do it nearly as often or regularly as you should. Bonus points for having a copy of your backups off-site.
    • Put your home network/computers behind a router. Current routers have firewalls built into them that protect your systems from many attacks that try and reach you from the outside. (however, don't get fooled into believing that a tough front-wall will keep out all malware when there are windows, doors, electrical wiring, etc that allow opportunities for problems to enter your home). Bonus techie points for keeping any IoT devices on a network separate from your main devices and disabling WPS, UPnP and WAN-side admin access.
    • Keep your systems updated. Desktops and laptops- Linux/Windows/Apple are pretty good at this. Smart phones are very uneven with most being poor. IoT devices (anything "smart" that connects to the internet like smart TVs, smart light bulbs, video cameras, etc.) are in general a spectacular failure at software patching which has resulted in some of the large recent malware attacks.
    • Anti-virus/malware software has become a point of contention in the security community. They have developed to the point where security experts disagree on whether the benefits outweigh the problems. I still personally recommend them for Windows users, but don't use it with Linux.
    • Use good passwords that are different from site to site. You know the drill- longer, more complex is better. Do not reuse your Google/Facebook/Twitter/Amazon/PayPal/etc passwords on other sites. A common hacker technique is when they compromise a site's account list, they try all of them at the major sites and will get a percentage of successes. Bonus points for using a password manager and having passwords that are so long/complex you could never remember them.
    • Enable two-factor authentication (2FA) for any financial or otherwise important web sites. If you consider your Google/Facebook/etc. accounts important, then protecting them by forcing hackers to have something besides your password really raises the security bar.
    • Do not open *any* attachments sent via e-mail, particularly unsolicited ones- PDFs, zip files, executables, Office files have all been abused as vectors to help malware get past your firewall.
    • Use common sense- Someone you've never heard of wants to give you a bunch of money? Wants to sleep with you? Wants to sell your subscription drugs without your going to a doctor for a subscription? Wants you to "confirm" your login credentials or provide personal information and you aren't in the middle of creating a new account? Would you trust a stranger that said any of these things in person? Then don't believe them online either.

    It sucks that there are so many things to know and practice to avoid Internet crime. And I've only hit the highlights- there are many additional practices and details that can increase your personal info security. However, if you just use the items above, you will make yourself a much harder target and one that can recover if things go wrong.
     

    T.Lex

    • Keep your systems updated. Desktops and laptops- Linux/Windows/Apple are pretty good at this. Smart phones are very uneven with most being poor. IoT devices (anything "smart" that connects to the internet like smart TVs, smart light bulbs, video cameras, etc.) are in general a spectacular failure at software patching which has resulted in some of the large recent malware attacks.

    The above remains good advice, particularly when it comes to Operating System updates.

    But then, there's more info on the most recent outbreak:
    Tax software blamed for cyber-attack spread - BBC News

    A specific (fairly Ukraine-specific) software update protocol was co-opted as an attack vector.

    And here I was, thinking MS bloatware was the worst risk of auto updates. (Still have mine set to download, but not install, until I tell it to.)
     

    WebSnyper

    And then throw in lateral movement from any potential network you happen to connect to if another user on that network is not being smart, depending on the protocols open on that network, and that can cause all kinds of issues.

    Here's some info on this specific Ransomware attack if anyone wants to go a bit deeper https://blogs.technet.microsoft.com...-old-techniques-petya-adds-worm-capabilities/
     

    BigBoxaJunk

    How about this, I routinely back my stuff up on two different remote hard drives. One stays connected to the main CPU for convenience sake, but the other one I only connect to do a back-up and then I disconnect.

    Is my disconnected drive any more safe from malware or does it really make a difference?
     

    jkaetz

    How about this, I routinely back my stuff up on two different remote hard drives. One stays connected to the main CPU for convenience sake, but the other one I only connect to do a back-up and then I disconnect.

    Is my disconnected drive any more safe from malware or does it really make a difference?

    Your offline backup is very safe and good practice. It will be vulnerable only when connected to your computer to do a backup. So long as your computer is clean while the drive is connected then it should stay safe.

    Attacks that can come in without your doing something are rare, but can be some of the most devastating. This is what is currently going on: a Windows vulnerability that has existed for years has been made public knowledge and is very easy for anyone to do some reading and be able to use it against unpatched systems. This vulnerability likely existed since the 90's but wasn't public knowledge. Now the word is out and anyone looking to make a buck is using it.
     

    Cameramonkey

    That's perfect Box. Even better would be to take that offline drive off-site. (maybe keep it at your office in your desk? At a trusted person's house, etc) Then you are protected against physical threats like fire, burglary, etc.

    They can't touch it if it's not plugged in.
     

    T.Lex

    ARS (and others) reporting that the latest ransomware wasn't ransomware. It was a wiper. Overwrote the master boot record sectors. Data irretrievable. Speculation that the ransomware part was a distraction and that a state actor was targeting certain systems.

    Cameramonkey - what are next week's lottery numbers? :)
     

    Cameramonkey

    ARS (and others) reporting that the latest ransomware wasn't ransomware. It was a wiper. Overwrote the master boot record sectors. Data irretrievable. Speculation that the ransomware part was a distraction and that a state actor was targeting certain systems.

    Cameramonkey - what are next week's lottery numbers? :)

    Ouch!
    and
    various combinations involving numbers between 0 and 9.
     

    jkaetz

    ARS (and others) reporting that the latest ransomware wasn't ransomware. It was a wiper. Overwrote the master boot record sectors. Data irretrievable. Speculation that the ransomware part was a distraction and that a state actor was targeting certain systems.

    MBR or MFT? MBR should be a simple recovery. MFT can be rebuilt/recovered if you have the right tools unless they also went through and wrote data to the disk. Granted recovery takes forever and a day and isn't foolproof.
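
The MBR half of the question above can be checked on a saved copy of a disk's first sector. This is an added example, not code from any poster in the thread: it parses the classic MBR layout (446 bytes of boot code, four 16-byte partition entries, the 0x55AA signature) and reports whether the partition table still looks valid. The function names and both sample sectors are constructed for illustration.

```python
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446        # four 16-byte partition entries start here
SIGNATURE = b"\x55\xaa"   # boot signature stored at offsets 510-511

def parse_entries(sector):
    """Return the non-empty partition entries of a classic MBR sector."""
    entries = []
    for slot in range(4):
        raw = sector[TABLE_OFFSET + 16 * slot:TABLE_OFFSET + 16 * (slot + 1)]
        if raw == bytes(16):
            continue  # unused slot
        # status, (CHS start skipped), type, (CHS end skipped), LBA start, sector count
        status, ptype, lba_start, count = struct.unpack("<B3xB3xII", raw)
        entries.append({"slot": slot, "status": status, "type": ptype,
                        "lba_start": lba_start, "sectors": count})
    return entries

def inspect_mbr(sector):
    """Classify a saved 512-byte sector 0 as 'intact', 'empty' or 'damaged'."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly 512 bytes")
    problems = []
    if sector[510:512] != SIGNATURE:
        problems.append("missing 0x55AA boot signature")
    entries = parse_entries(sector)
    for e in entries:
        if e["status"] not in (0x00, 0x80):
            problems.append(f"slot {e['slot']}: invalid status byte")
        if e["type"] == 0 or e["lba_start"] == 0 or e["sectors"] == 0:
            problems.append(f"slot {e['slot']}: inconsistent entry")
    verdict = "damaged" if problems else ("intact" if entries else "empty")
    return {"verdict": verdict, "problems": problems, "entries": entries}

def build_sample_mbr():
    """Constructed sample: one active type-0x07 partition starting at LBA 2048."""
    entry = struct.pack("<B3xB3xII", 0x80, 0x07, 2048, 204800)
    return bytes(TABLE_OFFSET) + entry + bytes(48) + SIGNATURE

def build_overwritten_sector():
    """Constructed sample: sector 0 filled with one repeated byte."""
    return bytes([0x37]) * SECTOR_SIZE

if __name__ == "__main__":
    for name, sector in (("sample", build_sample_mbr()),
                         ("overwritten", build_overwritten_sector())):
        report = inspect_mbr(sector)
        print(name, report["verdict"], report["problems"])
```

An "intact" verdict covers only the partition table in sector 0; it says nothing about the boot code or about the MFT inside the partition.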
     