Posted on 06/27/2017 7:35:05 AM PDT by MarchonDC09122009
https://www.forbes.com/sites/thomasbrewster/2017/06/27/ransomware-spreads-rapidly-hitting-power-companies-banks-airlines-metro/#17b076ce7abd
Another Massive Ransomware Outbreak Is Going Global Fast
Security #CyberSecurity Jun 27, 2017 @ 09:44 AM
Another Massive Ransomware Outbreak Is Going Global Fast
Thomas Fox-Brewster, Forbes Staff
Ransomware is causing severe problems for major critical infrastructure providers today.
Ukraine's government, National Bank and biggest power companies all warned of cyberattacks Tuesday. Airports and metro services in the country were also reportedly affected, though it appears they're victims of another massive ransomware outbreak that's spreading across the world fast and hitting a significant number of critical infrastructure providers.
(Excerpt) Read more at forbes.com ...
I saw an article the other day that some cretins have started targeting Linux systems with older kernels. Didn’t see any details of the attack vectors, but it is always a good idea to run current kernels. If I got hit by some ransomeware crap, it would take me about 2 hors to recover from a daily backup that the user accounts have no access to. Come to think of it, I would probably reload the box from scratch anyway, as I could not trust it once it had been infected.
While unknown emails are.always suspect, an unexpected link from one of your contacts also poses a risk. Your “friend’s” contact list could have been compromised and his address spoofed on an email to ypu.
Watch that the friend’s email address is the familiar one, and not one followed by a bunch of new characters.
I’ve also fixed ransomware by removing the battery, and following the brief instructions for restoration after “blue screen of death”.
Also hitting delete (x) about fifty times can work.
Obama’s black hats at work.
Why on earth are you still on XP? That is ancient and no longer protected with security patches.
It’s hard to confirm who actually did it. Was it CIA tools that were leaked? Was it Russia? What if it was Russia? Do we go to war with them over this? What if it was Russia using US tools that were stolen and put on the Internet?
That’s smart, but the problem is many people are still running ancient technology. I mean Windows XP is how old and no longer supported!
keeping your kernel current on Linux is tough for many and daily offline backups are even harder.
But you’re right people need to do that or they will eventually be screwed.
BTW: I know some people are using google drive and one drive for their documents and think they are safe because it’s in the cloud. But that won’t help you if you delete the files or have them encrypted via ransomware.
offline backups are the only protection.
any backup that stays connected, either cloud, or local drive, get encrypted as well.
Even that can be spoofed, or your friend's machine may be used to deliver the payload.
“Don’t open an email from anyone!”
opening the email isn’t usually the problem. opening an attachment is what is deadly, or sometimes clicking on a link in an email.
basically NEVER open an attachment unless expected, and never click on a link in an email unless you know the source for certain.
helps to NOT use webmail, but instead read email with a client like thunderbird, as you can get more information about the links in emails than with web email. basically, no one should ever read their email with a web browser.
It’s my bosses company not mine...................
“I went online at another computer and looked it up and downloaded the 2 pages of instructions on how get rid of it.”
—
I haven’t a clue how to do that stuff.
If this “bug” happens to me I’ll just toss my laptop in the trash and buy a new one. I have no important data.
Same here, actually beyond maddening.
I’ll add to or repeat some of your suggestions .....
Use different and complicated passwords on different websites and don’t write them down anywhere in sight.
Enable 2-step verification where ever possible (G-Mail, Facebook etc.).
You can view active sessions in different services to see if anyone else is connected and terminate their access.
On Windows, check your processes from task manager to see if anything unknown or suspicious is running in the background.
Do not give away information that could help anyone guess your password.
Password-protect your private information and store them on external hard drives even if it’s just a backup.
Do not allow auto-run from unknown sources (like USB drives) (this can be done by holding down the Shift button on Windows platform when you connect a USB flash drive)
Disable WPS on your wireless router from its configuration IP at 192.168.1.1.
Choose WPA2/TKIP and pick a long, complicated and unguessable password. (You can also use white list to keep anyone else from connecting to your WiFi.) Also, change your router’s name into a different brand (if it’s TP-Link for example, change it to D-Link or another brand) to lose script kiddies from guessing information on your router.
Do not visit obviously infected websites, the ones your browser advises you against.
Setting up a firewall could help keep script kiddies out of your system. Having an antivirus software will not guarantee you 100% protection, but will clean common malware from your computer when infected and clean flash and external hard drives.
Cover your laptop’s camera with a piece of tape. Although your microphone will still be available to the hacker but at least your picture cannot be seen.
Do not click on popups and dancing kitties to win a prize.
Turn off your wireless router or laptop when you’re not using it.
Check and scan your incoming files. Always.
Try to avoid connecting to public Wi-Fis (such as hotels) and free Internet (such as Starbucks).
When attending places you know might be crowded with hackers, switch your phone to Airplane mode.
Password-protect your phone and computer wherever possible and pick long and complicated passwords that YOU WOULD NOT FORGET.
Password-protect the files you upload. And pick strong passwords. ALWAYS.
Do not download files from untrusted websites. However, portals such as Softpedia - Free Downloads Encyclopedia| FileHippo.com - Download Free Software | FileHorse.com / Free Software Download for Windows | MajorGeeks.Com - MajorGeeks | VideoHelp - Forum and Software downloads are reliable. But official websites are always preferred.
Do not download software or video games from warez websites. Keygens are almost always infected.
Do not browse the deep web.
If you decided to install anti-malware software, keep it updated.
Try to install the latest security updates on your software. Especially Microsoft Windows patches or anti-malware software.
Basic tricks like this never protect you from elite hackers, but will possibly keep you safe from script kiddies and newbies and those who don’t have the time nor the mood to put the effort to hack you.
If your using a Mac, turn on two part authentication, remove adobe flash and java subsystems and leave the security setting to never allow unsigned apps....
Just what I do for my PC’s and Mac’s ..... some might consider a old but working OS called “KNOS secure desktop” which I think is using the BSD kernel on PC’s like Mac’s OS does . Its almost like Tails OS running off RAM memory versus the SSD or HD.
STAY SAFE
Absolutely right I did mean to say email attachment.
ROFL!!!!
That wouldn’t work in this case but you’re funny as heck. :)
I was also.
I think this has gone as far as the governments who are supposed to protect us allow it. We need to determine asap who is doing this, get their coordinates, and launch a few cruise missiles their way.
If I were Trump, I would already have launched a CIA operation to find these people and kill them. Right now there is literally zero risk for anybody pulling these stunts and there must be a consequence for actions designed to destroy entire economies.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.