Thanks to rarestia for the ping!
Posted on 05/12/2017 1:00:35 PM PDT by Oldeconomybuyer
Hackers using a tool stolen from the United States government conducted extensive cyberattacks on Friday that hit dozens of countries around the world, severely disrupting Britain’s public health system and wreaking havoc on computers elsewhere, including Russia.
The tool was leaked by a group calling itself the Shadow Brokers, which has been dumping stolen N.S.A. hacking tools online since last year. Microsoft rolled out a patch for the vulnerability in March, but hackers apparently took advantage of the fact that vulnerable targets — particularly hospitals — had yet to update their systems.
The malware was circulated by email. Targets were sent an encrypted, compressed file that, once loaded, allowed the ransomware to infiltrate its targets.
Among the many other affected institutions were hospitals and telecommunications companies across Europe and Asia, according to MalwareHunterTeam, a security firm that tracks ransomware attacks.
But the extent of the ransomware attacks could be much broader, as the MalwareHunterTeam said it tracks only attacks that have been reported by the victims. Spain’s Telefónica and Russia’s MegaFon were among the largest of the businesses targeted.
Other countries where attacks were reported included Japan, the Philippines, Turkey and Vietnam.
Spain’s national cryptology center said it was dealing with “a massive ransomware attack” affecting Windows systems used by various organizations, without naming them.
Later on Friday, Portugal reported a similar attack. Carlos Cabreiro, the director of a police unit that fights cybercrime, told the newspaper Público that the country was facing “computer attacks on a large scale against different Portuguese companies, especially communication operators.”
(Excerpt) Read more at nytimes.com ...
All jokes and blame aside, this is being heavily exploited and is condition red/severity A across every major security vendor in the world. If you think you are safe by not patching your machine, you're in for a rude awakening.
If you think you're safe using an operating system older than Vista, you're really just biding your time until you lose everything.
This vulnerability is in the SMB (Server Message Block) framework and is very easy to exploit.
Please do not become a statistic!
Thanks to rarestia for the ping!
Related article:
Based on several articles I have read on this, the malware enters via a phishing email. Be careful out there.
I’ve added lots of filters to my email. About 40% of the email I receive is intercepted by the filters. In addition, my ISP has a block list for email which I use. The ISP sends me a list on a monthly basis listing the emails that have been blocked.
You can’t be too careful.
Interesting: Microsoft no longer supports Vista, but they released a Vista patch for this exploit. Nothing for XP.
Support ends 24 months after the next service pack releases or at the end of the product's support lifecycle, whichever comes first.
I’m thinking that Obama was head honcho when the NSA tools walked into the real world.
"Dammit Jim! I'm a doctor, not a systems analyst"
Why doesn’t the NSA assume it’s POSSIBLE someone will steal their stuff... Then the NSA could build into the software a way to shut it down...
In all the thousand of lines of code it’s unlikely hackers would find the back door quickly enough...
Or can’t this be done?
Relates to this recent article about the Shadow Brokers ?
http://freerepublic.com/focus/news/3630886/posts
Also see Equation Group
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.