NHS Hospital Networks Infected With Ransomware

The pathetic part about these types of attacks and the ongoing problems is that the bugs are all in the public domain. In many ways the "researchers" are creating their own industry. If I had criminal intent I would have no reason to be intelligent. A monkey can download botnet code and add a few payloads. BackTrack and Metasploit make the process of learning how to attack like learning your ABCs, and if that doesn't work you can always take lessons online or watch securitytube. Children at Cons explaining how clever their latest repetition of the same theme is.

There is something wrong with an industry that is essentially self-perpetuating. All the hoo haa about Advanced Persistent Threats while meanwhile XP exploits, clickbait, SQL injection and cross-site scripting are rampant. Wikileaks gained nothing by releasing these exploits other than bandwagoning to promote itself. If there ever was an ethical component to Wikileaks it has been lost to self-promotion.

Before you start dealing with the wolves you have to resolve the problem of the damn mice eating all the grain.

Real security is the world's most boring subject; separation of concerns, layers, inventory, RACI charts, walking around and checking that the doors are closed, mentoring users. No bushes by the windows, clear line of sight across the entrance ways, ensuring that you have the high ground. Toss in the machine gun emplacements, bullet proof glass and an espresso machine and you are good to go. What is the value, the risk? What level of insurance is required?

The modern tool sets make it easier for unskilled night watchmen to do their rounds but when there are real threats to your property an unskilled night watchman is the last thing you need.

I have always been fascinated by the technical elements but IRL, criminals have no interest in these things. They are simple opportunists. Thieves, Vandals and Assholes - Smash and grab, spray bombs, ass hattery. In my youth I was a minor asshole and that was in the day when you could walk in through the front door and send the sys admin a text message asking if it was OK to run a few jobs on their Cray. Now with all the thieves and vandals being an asshole can put you in a room with people you don't want to have anything to do with.

Shutting down hospitals is going to have serious repercussions that won't be limited to the UK.

4 Likes

^^ This guy gets it.

Mind you this was a case of handing criminals weapons grade plutonium.
Thankfully they actually rather half-arsed this worm. However I also doubt it will be the last we see of this.

This sums it up pretty well.

This is so fun to watch.

I'm a sysadmin myself, I came back home yesterday (Friday) around lunch time, hearing about this in the news. All the press is speaking of 'attack' and it's hilarious, in my opinion.

At work, I am worried about our two networks that have access to the internet. Will be checking and patching shit (if needed) on Monday. The bad news is that my Windows clients have a group policy of updating manually and some of them I have not checked in a long time. Will have to do ASAP.

I doubt we will have any problem as it is a small network/domain that has around 40-50 clients/users. Although we had a ransomware case a few years back, only in one client computer but affected network shares (backups to the rescue!) and it was in part our fault as antivirus was not properly installed.

In any case, this won't be the last, or worst, case. And the userbase and press will keep being dumb, untrained and uninterested in training, as always.

It is. POSReady 2009 is WinXP Pro with some small stuff added and some small stuff removed. It can boot and install from USB for example, Office will not like to be run on POSReady etc. POS stands for Point Of Sale. Cash registers and the like. After working with cash registers and similar things running this OS, you get convinced it stands for Piece Of Shit though.

There's several other versions of Windows that fit that description. Just sayin'

At work we have one laptop that may or may not be at risk. An oldie on Win7 that was formatted during the free upgrade period and then shelved. It was recently taken out of storage because we hired more staff and I just haven't gotten around to checking if it installs updates automatically or manually.

Seeing as we use Dropbox for all our file storage, that one machine could wreak some serious havoc. Even though normally nobody has access to everything, there are some overlaps between employees and I'm not sure how much he has access to (the downside of having a boss who's also into IT is that he can set those things up without your knowledge or consent).
I'm currently syncing everything to my home PC now so I can make a full backup before Monday.

The rest of our machines should be safe though. 3x fully updated Win10, 1x fully updated Win7, 1x Linux Mint, zero worries there.

1 Like

2 Likes

Spamming my own thread.

The malware behind WannaCry (also called WannaCrypt, Wana Decryptor or WCry) was reported to have been stolen from the NSA in April. And while Microsoft said it had already released a security update to patch the vulnerability one month earlier, the sequence of events fed speculation that the NSA hadn’t told the U.S. tech giant about the security risk until after it had been stolen.

There is something fishy here. Microsoft made a patch a month before, but apparently only some people got it. I wonder who got the patch in time.
If it is random hackers trying to extort money, the authorities could get the people responsible relatively fast. I doubt this is the case.
It looks like a threat to get everybody to finally upgrade their software. This kind of thing can't be proved, but I can't help but think there is some kind of complicity.

All I know is that the whole event is quite entertaining. I just hope more is to come.

I might be oblivious since I'm used to using Linux for SMB sharing, but wouldn't turning off the crappy version of SMB M$ uses be enough?
It's obvious they're attacking the retarded way M$ handles user control, to encrypt anything which is writeable on any filesystems available on any discs, network drives etc.
e.g. NTFS strikes again.

I know it's easy to put the tinfoil on when it comes to these coincidences, but I could also imagine that they just happened to find the vulnerability themselves and decided to work on a patch. My explanation for the delay of a month would be simply testing. Even Windows XP still has some supported version as mentioned before. It would suck, if they give these specialty customers who need a stable system at all times – which is why they didn't upgrade yet – a patch that breaks something.

1 Like

And when you put nukes under control of PCs, you better be running Windows XP 'cause reasons.

Pretty ironic how it's Microsoft calling out these agencies when a year ago they were forcing people to disable Windows Update or be forced to "upgrade" to Windows 10. MS is just as guilty, who knows how many people said "screw this" and never even bothered to turn Windows Update back on.

1 Like

Based on what I read from these articles, it seems that the infected caused self-inflicted injuries. Sucks for them.

Ironic how Russia had been mainly infected/affected when most of the mainstream virus, malware, and ransomware originate from there

Well it is the best masking tactic

Lol true