Ransom ware attack.... again.
Moderators: DJKeefy, 4u Network
- Horus
- Egyptian God
- Posts: 7933
- Joined: Tue Oct 10, 2006 11:59 pm
- Location: UK
- Has thanked: 2431 times
- Been thanked: 1870 times
- Gender:
- Contact:
Ransom ware attack.... again.
I see we are having another cyber attack of ransom ware, this time mainly in Europe, but it is always worth keeping an eye out and don't open any strange looking files that have attachments. As before it will be older operating systems that mainly get affected, or PC's that are not kept up to date with recent security updates. Just to remind people to make sure that their security downloads are up to date and if you have not already done so make sure you have a recent 'Restore Pont' on your PC made at a time when your PC was working OK, that way if you fall victim you can go back to that restore point and all will be well. Personally I would like to see each country hunt them down and execute a few of them, we may lose some really good PC savvy people, but we may get a bit less of this sort of thing happening. Unfortunately a lot of this stuff is actually state sponsored or a result of computer code intended to be used by state organisations to disrupt an enemy getting into the public domain through carelessness or hacking.
- FABlux
- Egyptian God
- Posts: 9975
- Joined: Tue Aug 09, 2005 1:32 pm
- Location: Luxor
- Has thanked: 155 times
- Been thanked: 78 times
- Gender:
- Contact:
Re: Ransom ware attack.... again.
Also read today that the new Aircraft carrier that was launched yesterday is running on XP & is therefore potentially vulnerable to attack.
"Sir Michael Fallon insisted the security around the computer software on the aircraft carrier is "properly protected".
He told BBC Radio 4's Today programme: "It's not the system itself, of course, that's vulnerable, it's the security that surrounds it.
"I want to reassure you about Queen Elizabeth, the security around its computer system is properly protected and we don't have any vulnerability on that particular score."
Hope he's right!
http://www.telegraph.co.uk/news/2017/06 ... e-raising/
"Sir Michael Fallon insisted the security around the computer software on the aircraft carrier is "properly protected".
He told BBC Radio 4's Today programme: "It's not the system itself, of course, that's vulnerable, it's the security that surrounds it.
"I want to reassure you about Queen Elizabeth, the security around its computer system is properly protected and we don't have any vulnerability on that particular score."
Hope he's right!
http://www.telegraph.co.uk/news/2017/06 ... e-raising/
- Horus
- Egyptian God
- Posts: 7933
- Joined: Tue Oct 10, 2006 11:59 pm
- Location: UK
- Has thanked: 2431 times
- Been thanked: 1870 times
- Gender:
- Contact:
Re: Ransom ware attack.... again.
As I have said on here before Fabby, it is not the operating system that is at fault and XP was a great O/S it just lacks current support from Microsoft although you will find that people like the M.O.D. will have purchased special support from Microsoft for any systems they have currently running on this. The thing is for people to keep their virus definitions up to date and even with XP you may find that they have slipped a few recent updates in. Better still is to have a good restore point when everything is working OK and always have your important stuff backed up elsewhere, that way if you do get a problem you can reset the clock so to speak.
- HEPZIBAH
- Luxor4u God
- Posts: 12116
- Joined: Sat Mar 25, 2006 9:15 pm
- Has thanked: 1600 times
- Been thanked: 2601 times
- Gender:
- Contact:
Re: Ransom ware attack.... again.
Unfortunately, I can see these situations only getting more frequent.
Experience is not what happens to you;
it is what you do with what happens to you.
-Aldous Huxley
it is what you do with what happens to you.
-Aldous Huxley
- Horus
- Egyptian God
- Posts: 7933
- Joined: Tue Oct 10, 2006 11:59 pm
- Location: UK
- Has thanked: 2431 times
- Been thanked: 1870 times
- Gender:
- Contact:
Re: Ransom ware attack.... again.
It certainly will Hepzi, you need to keep your eyes open and double check anything and everything that pops up on your screen, just today I had a potential update download that looked very much like a Firefox request to update a security issue that poppped up whilst reading a news link, it was a Java Script file and I was suspicious of it and just deleted it. To make sure I checked my own Firefox settings and all their updates are set to automatic, so this was a potential scam.
- HEPZIBAH
- Luxor4u God
- Posts: 12116
- Joined: Sat Mar 25, 2006 9:15 pm
- Has thanked: 1600 times
- Been thanked: 2601 times
- Gender:
- Contact:
Re: Ransom ware attack.... again.
At least you are quite savvy about these things Horus. I'm fairly cautious about emails but there are always some that are just that bit too convincing and it's really hard not to open them sometimes. I generally resist, but it's very easy to click and then think 'oops'.
Experience is not what happens to you;
it is what you do with what happens to you.
-Aldous Huxley
it is what you do with what happens to you.
-Aldous Huxley
- Horus
- Egyptian God
- Posts: 7933
- Joined: Tue Oct 10, 2006 11:59 pm
- Location: UK
- Has thanked: 2431 times
- Been thanked: 1870 times
- Gender:
- Contact:
Re: Ransom ware attack.... again.
That is why I keep warning people to be on their toes and to keep their updates ... up to date plus making sure they have a 'restore point' on their PC's
- carrie
- Egyptian Pharaoh
- Posts: 4910
- Joined: Mon Mar 14, 2005 10:46 am
- Location: luxor
- Has thanked: 1860 times
- Been thanked: 2885 times
- Contact:
Re: Ransom ware attack.... again.
How often should you create restore points Horus? I have never done one before but I did when I wanted to move files from one disc to another (which I have done thank you).
My email account changed though without my doing anything a couple of weeks ago, my inbox now shows "focused" and "others" not had any problems with it, seems that it has decided which emails are more important than others, I have McAfee virus thing and that pops up every so often to tell me that it is up to date and working. How often should you change your password? I have heard that it should be changed weekly, only I ever use my computer so does it matter so much?
My email account changed though without my doing anything a couple of weeks ago, my inbox now shows "focused" and "others" not had any problems with it, seems that it has decided which emails are more important than others, I have McAfee virus thing and that pops up every so often to tell me that it is up to date and working. How often should you change your password? I have heard that it should be changed weekly, only I ever use my computer so does it matter so much?
- Horus
- Egyptian God
- Posts: 7933
- Joined: Tue Oct 10, 2006 11:59 pm
- Location: UK
- Has thanked: 2431 times
- Been thanked: 1870 times
- Gender:
- Contact:
Re: Ransom ware attack.... again.
Basically Carrie providing your updates are being installed from Microsoft and any programs you install are via their installer wizard (most legit programs are) then the Operating System should automatically make them prior to any changes being made. It does vary from one operating system to the other and the following blurb from Microsoft MAY help explain it to you, but generally speaking Windows XP and Windows Vista, is designed to create a restore point every 24 hours irrespective of whether any system changes occurred during this period, so each day you should have a new one created.
System Restore in Windows Vista creates a checkpoint every 24 hours if no other restore points were created that day.
System Restore in Windows XP creates a checkpoint every 24 hours of absolute time rather than each day.
So you should have at least one snapshot of the operating system for each day or each 24 hours.
This feature was removed in Windows 7 and System Restore in Windows 7 (and Win8) creates a scheduled restore point only if no other restore points have been created in the last 7 days. This means you could have 7 days without a restore point. If your computer gets attacked by malware and becomes unstable you will have to roll back the changes to a point 7 days earlier. You may therefore get a couple of restore points spaced 7 days apart provided there were no in-between restore points created during software/update install.
Blurb from Microsoft
Restore Points
Restore points are created to allow users a choice of previous system states. Each restore point contains the necessary information needed to restore the system to the chosen state. Restore points are created before key changes are made to the system.
System Restore has an automatic restore point space-management feature that purges the oldest restore points to make room for new ones, while still enabling the user to recover from any recent destructive changes.
In Windows 7 on computers with hard drives over 64 GB, System Restore can take up to 5 percent of the disk or a maximum of 10 GB of the disk space, whichever is less. On computers with hard drives of 64 GB or less, System Restore can take at most 3 percent of the disk space.
In Windows Vista, System Restore can take up to 15 percent of the size of the volume or a maximum of 30 percent of the free disk space, whichever is less.
System Restore in Windows XP takes a maximum of 12 percent of the disk space in systems with hard drives over 4 gigabytes (GB), and a maximum of 400 megabytes (MB) for hard drives under 4 GB. To change the maximum storage limit in Windows XP, use the System application in the Control Panel.
The following describes the triggers that cause System Restore to create a restore point.
Event-triggered restore points
System Restore automatically creates a restore point before the following events:
Application installation (provided the application utilizes an installer that is System Restore compliant). If the application install causes system problems, the user can restore the system to a state before the installation of the application.
AutoUpdate installation. AutoUpdate provides an easy way for users to download critical Windows updates. After the update is downloaded, the user can install the update on the system. If the user chooses to install the update, System Restore creates a restore point before the installation of the update begins.
System restore. For example, if a user accidentally chooses the wrong restore point, the user can undo the restore operation by choosing a restore point before the system restore took place. The user can then choose the correct restore point.
Scheduled restore points
System Restore can be configured to create restore points at regular intervals. Users can also manually create and name a restore point at any time from within the System Restore user interface. These restore points are saved and compressed, and these choices are available to the user through the System Restore user interface. System Restore in Windows 7 creates a scheduled restore point only if no other restore points have been created in the last 7 days. System Restore in Windows Vista creates a checkpoint every 24 hours if no other restore points were created that day. System Restore in Windows XP creates a checkpoint every 24 hours of absolute time.
So although all of the above information points to you always having a ‘System Restore’ point on your PC, you can never be sure it is the most up to date one, meaning, one when your system worked problem free. So in the same way as I advised you to take that particular precaution prior to moving all your data from one drive to the other, I would always advise that you create one prior to making any major change to your PC such as adding a new programme. That way if your new installation DID NOT create a new one prior to installing the programme and you had problems then you have a fall back one of your own creation. I should again make it clear that a Restore Point only replaces corrupted Operating System Files so that your PC is still usable again, it does not restore all your programmes and or data, you should always back up your important data elsewhere.
Passwords:
Many sources will tell you to keep changing passwords for security purposes, Mmm, my own jury is still out on this one and here’s why. Most people have problems in remembering passwords so will jot them down somewhere, but we are told “never write down your password in case someone steals it”. So what do we do? Not write it down and then months later we cannot remember it? My own view is to write them down but not have them in your wallet or purse, somewhere at home is just as safe as anything else you value, if you get burgled you will at least know about it and take some action.
As to the passwords themselves, again I would keep as few as possible, some for none important stuff that cannot affect you too much and some for more secure purposes. The important thing IMO is not to keep changing them as that means more confusion, but to make really strong passwords. So what is a strong password, well let me give you an example, but please no one now should try using this example.
Choose a lengthy one, lets say it is ‘pussinboots’
Look at the password and see what can be changed to make it harder to break, but so that you can easily remember those changes.
Always add in some Upper Case letters and some numbers.
So we could change it to be ‘PussinBoots’
Or better still add in some numbers as well, so we could have ‘PussinB00ts’ where the ‘O; is replaced by a Zero. This would be a very strong password.
Even stronger would be to also changed the ‘S’ to a number 5 as it looks similar and easily remembered, so it now becomes ‘Pu55inB00ts’
You probably now get the idea, once you work out a good one you will find it is easier to remember.
Basically no amount of passwords will protect you if you fall victim to scams or trojan ‘key-loggers’ that record what you have typed and could reveal your password/s so certainly change them as soon as you suspect anything unusual, but I’m not sure doing it as a regular thing is of much real use IMO.
System Restore in Windows Vista creates a checkpoint every 24 hours if no other restore points were created that day.
System Restore in Windows XP creates a checkpoint every 24 hours of absolute time rather than each day.
So you should have at least one snapshot of the operating system for each day or each 24 hours.
This feature was removed in Windows 7 and System Restore in Windows 7 (and Win8) creates a scheduled restore point only if no other restore points have been created in the last 7 days. This means you could have 7 days without a restore point. If your computer gets attacked by malware and becomes unstable you will have to roll back the changes to a point 7 days earlier. You may therefore get a couple of restore points spaced 7 days apart provided there were no in-between restore points created during software/update install.
Blurb from Microsoft
Restore Points
Restore points are created to allow users a choice of previous system states. Each restore point contains the necessary information needed to restore the system to the chosen state. Restore points are created before key changes are made to the system.
System Restore has an automatic restore point space-management feature that purges the oldest restore points to make room for new ones, while still enabling the user to recover from any recent destructive changes.
In Windows 7 on computers with hard drives over 64 GB, System Restore can take up to 5 percent of the disk or a maximum of 10 GB of the disk space, whichever is less. On computers with hard drives of 64 GB or less, System Restore can take at most 3 percent of the disk space.
In Windows Vista, System Restore can take up to 15 percent of the size of the volume or a maximum of 30 percent of the free disk space, whichever is less.
System Restore in Windows XP takes a maximum of 12 percent of the disk space in systems with hard drives over 4 gigabytes (GB), and a maximum of 400 megabytes (MB) for hard drives under 4 GB. To change the maximum storage limit in Windows XP, use the System application in the Control Panel.
The following describes the triggers that cause System Restore to create a restore point.
Event-triggered restore points
System Restore automatically creates a restore point before the following events:
Application installation (provided the application utilizes an installer that is System Restore compliant). If the application install causes system problems, the user can restore the system to a state before the installation of the application.
AutoUpdate installation. AutoUpdate provides an easy way for users to download critical Windows updates. After the update is downloaded, the user can install the update on the system. If the user chooses to install the update, System Restore creates a restore point before the installation of the update begins.
System restore. For example, if a user accidentally chooses the wrong restore point, the user can undo the restore operation by choosing a restore point before the system restore took place. The user can then choose the correct restore point.
Scheduled restore points
System Restore can be configured to create restore points at regular intervals. Users can also manually create and name a restore point at any time from within the System Restore user interface. These restore points are saved and compressed, and these choices are available to the user through the System Restore user interface. System Restore in Windows 7 creates a scheduled restore point only if no other restore points have been created in the last 7 days. System Restore in Windows Vista creates a checkpoint every 24 hours if no other restore points were created that day. System Restore in Windows XP creates a checkpoint every 24 hours of absolute time.
So although all of the above information points to you always having a ‘System Restore’ point on your PC, you can never be sure it is the most up to date one, meaning, one when your system worked problem free. So in the same way as I advised you to take that particular precaution prior to moving all your data from one drive to the other, I would always advise that you create one prior to making any major change to your PC such as adding a new programme. That way if your new installation DID NOT create a new one prior to installing the programme and you had problems then you have a fall back one of your own creation. I should again make it clear that a Restore Point only replaces corrupted Operating System Files so that your PC is still usable again, it does not restore all your programmes and or data, you should always back up your important data elsewhere.
Passwords:
Many sources will tell you to keep changing passwords for security purposes, Mmm, my own jury is still out on this one and here’s why. Most people have problems in remembering passwords so will jot them down somewhere, but we are told “never write down your password in case someone steals it”. So what do we do? Not write it down and then months later we cannot remember it? My own view is to write them down but not have them in your wallet or purse, somewhere at home is just as safe as anything else you value, if you get burgled you will at least know about it and take some action.
As to the passwords themselves, again I would keep as few as possible, some for none important stuff that cannot affect you too much and some for more secure purposes. The important thing IMO is not to keep changing them as that means more confusion, but to make really strong passwords. So what is a strong password, well let me give you an example, but please no one now should try using this example.
Choose a lengthy one, lets say it is ‘pussinboots’
Look at the password and see what can be changed to make it harder to break, but so that you can easily remember those changes.
Always add in some Upper Case letters and some numbers.
So we could change it to be ‘PussinBoots’
Or better still add in some numbers as well, so we could have ‘PussinB00ts’ where the ‘O; is replaced by a Zero. This would be a very strong password.
Even stronger would be to also changed the ‘S’ to a number 5 as it looks similar and easily remembered, so it now becomes ‘Pu55inB00ts’
You probably now get the idea, once you work out a good one you will find it is easier to remember.
Basically no amount of passwords will protect you if you fall victim to scams or trojan ‘key-loggers’ that record what you have typed and could reveal your password/s so certainly change them as soon as you suspect anything unusual, but I’m not sure doing it as a regular thing is of much real use IMO.
-
- Member
- Posts: 228
- Joined: Sun Mar 06, 2011 8:33 am
- Has thanked: 201 times
- Been thanked: 115 times
Re: Ransom ware attack.... again.
Nice few unplanned days off for my other half who works for Maersk, one of the affected companies. 1,000 servers and PCs to be rebuilt and no sign of when she'll be summoned back to work.
- FABlux
- Egyptian God
- Posts: 9975
- Joined: Tue Aug 09, 2005 1:32 pm
- Location: Luxor
- Has thanked: 155 times
- Been thanked: 78 times
- Gender:
- Contact:
Re: Ransom ware attack.... again.
Horus I loved XP, actually had to pay extra to get my replacement PC with XP rather than the newer software it came with a few years ago. The first thing we did when we arrived in France was get anti virus updates on the laptops we had left here last time, thank God for 40Mb download speeds. We would probably still be waiting for the updates to finish in Egypt.
- Horus
- Egyptian God
- Posts: 7933
- Joined: Tue Oct 10, 2006 11:59 pm
- Location: UK
- Has thanked: 2431 times
- Been thanked: 1870 times
- Gender:
- Contact:
Re: Ransom ware attack.... again.
FarleyF, I am very surprised that a company the size of Maersk has not got a better system in place, quite often it is because they have so many PC's and do not use more up to date OS's, but once a vulnerability has been found it will spread like wildfire in a large companies computers as they will all be linked.
Fablux, I agree that XP was one of the best Operating Systems they had, very stable and reliable, shame they still don't support it with new updates.
Fablux, I agree that XP was one of the best Operating Systems they had, very stable and reliable, shame they still don't support it with new updates.
-
- Member
- Posts: 228
- Joined: Sun Mar 06, 2011 8:33 am
- Has thanked: 201 times
- Been thanked: 115 times
Re: Ransom ware attack.... again.
Rumour has it that the ransomware was introduced via an update to an accounting package and as you say, it only took a single machine to be infected for it to spread throughout the organisation even if other machines didn't have this package installed.Horus wrote:FarleyF, I am very surprised that a company the size of Maersk has not got a better system in place, quite often it is because they have so many PC's and do not use more up to date OS's, but once a vulnerability has been found it will spread like wildfire in a large companies computers as they will all be linked.
Trouble is, you're advised to keep your software continually updated to the latest version, so in this case it appears to be a case of "damned if you do, damned if you don't".
I'm still running XP on one of my computers which is in daily use. Never had a single problem with it.Horus wrote:Fablux, I agree that XP was one of the best Operating Systems they had, very stable and reliable, shame they still don't support it with new updates.
- Horus
- Egyptian God
- Posts: 7933
- Joined: Tue Oct 10, 2006 11:59 pm
- Location: UK
- Has thanked: 2431 times
- Been thanked: 1870 times
- Gender:
- Contact:
Re: Ransom ware attack.... again.
The thing is that updating software is not the same as updating the Operating System. Software is usually provided by a third party such as those that updated their accounting package, so the onus was on the supplier to have checked it did not contain any Malware prior to issuing it as an update.
The irony with using XP is that although it is no longer supported, it is probably less vulnerable to new viruses than it ever was before. The reason being that the hackers and makers of malicious software will concentrate on the newer operating systems as less people will be now using XP so it is not worth their time and effort. It is the same reason that people are deluded into thinking that Apple Macs are less vulnerable to virus attacks, not so, it is purely down to there being much less of them in use than conventional PC’s, so they are targeted less, its a law of diminishing returns. If they were to become the most popular home computer then the hackers and virus makers would just target them instead.
The irony with using XP is that although it is no longer supported, it is probably less vulnerable to new viruses than it ever was before. The reason being that the hackers and makers of malicious software will concentrate on the newer operating systems as less people will be now using XP so it is not worth their time and effort. It is the same reason that people are deluded into thinking that Apple Macs are less vulnerable to virus attacks, not so, it is purely down to there being much less of them in use than conventional PC’s, so they are targeted less, its a law of diminishing returns. If they were to become the most popular home computer then the hackers and virus makers would just target them instead.
-
- Member
- Posts: 228
- Joined: Sun Mar 06, 2011 8:33 am
- Has thanked: 201 times
- Been thanked: 115 times
Re: Ransom ware attack.... again.
No it isn't, but changing operating systems for a company the size of Maersk is a massive and expensive task. It's never going to happen quickly.Horus wrote:The thing is that updating software is not the same as updating the Operating System.
In theory maybe. But the NHS cyber attack a couple of months back was partly due to large numbers of Windows XP computers on their network.Horus wrote:The irony with using XP is that although it is no longer supported, it is probably less vulnerable to new viruses than it ever was before.
- Horus
- Egyptian God
- Posts: 7933
- Joined: Tue Oct 10, 2006 11:59 pm
- Location: UK
- Has thanked: 2431 times
- Been thanked: 1870 times
- Gender:
- Contact:
Re: Ransom ware attack.... again.
You have missed my point, I have never said that XP was not vulnerable, in fact I have said the opposite. Now that it is no longer supported by Microsoft updates it will be vulnerable to being exploited by anyone who fancied doing it, my point was that the less troublesome trojans and viruses (other than the ones that already exist) are likely to be less as home owner usage of that system declines.
Large companies are another matter and if they choose to rely upon vulnerable operating systems and do not put the IT infrastructure in place to protect it, then that is really their own problem. Many of these companies and organisations have a pretty laissez faire attitude towards who uses their systems and for what purpose, so people searching the web or using emails in their works time can easily introduce these bits of malware.
Large companies are another matter and if they choose to rely upon vulnerable operating systems and do not put the IT infrastructure in place to protect it, then that is really their own problem. Many of these companies and organisations have a pretty laissez faire attitude towards who uses their systems and for what purpose, so people searching the web or using emails in their works time can easily introduce these bits of malware.
- carrie
- Egyptian Pharaoh
- Posts: 4910
- Joined: Mon Mar 14, 2005 10:46 am
- Location: luxor
- Has thanked: 1860 times
- Been thanked: 2885 times
- Contact:
Re: Ransom ware attack.... again.
My son in law works for Maersk and my daughter used to, not heard that he is having time off, unfortunately.
Now everyone must know that I am not the most computer literate person in the world but I was listening to the radio yesterday and a reporter was saying something about Http/ or something like that and he said that the full address of a web site should show in the window at the top of the screen and if it does so then the site is safe and hasn't had a key logger or malware installed?
Now everyone must know that I am not the most computer literate person in the world but I was listening to the radio yesterday and a reporter was saying something about Http/ or something like that and he said that the full address of a web site should show in the window at the top of the screen and if it does so then the site is safe and hasn't had a key logger or malware installed?
- Who2
- Egyptian God
- Posts: 7925
- Joined: Fri Jul 16, 2010 12:04 pm
- Location: Laandaan
- Has thanked: 1115 times
- Been thanked: 3216 times
- Gender:
Re: Ransom ware attack.... again.
Should have used a Mac, we waste our breath.......
"The Salvation of Mankind lies in making everything the responsibility of All"
Sophocles.
Sophocles.
- Major Thom
- Royal V.I.P
- Posts: 2885
- Joined: Mon Mar 30, 2015 5:45 am
- Has thanked: 189 times
- Been thanked: 375 times
- Gender:
- Contact:
Re: Ransom ware attack.... again.
I use an external drive to keep things on, everything I do I keep on it, just feels safer to me.
- Horus
- Egyptian God
- Posts: 7933
- Joined: Tue Oct 10, 2006 11:59 pm
- Location: UK
- Has thanked: 2431 times
- Been thanked: 1870 times
- Gender:
- Contact:
Re: Ransom ware attack.... again.
You certainly are wasting yours in telling us that Macs are not vulnerable, they are no less vulnerable than any other PC, enlighten yourself and read some of the above, you may even like to read these linksWho2 wrote:Should have used a Mac, we waste our breath.......
http://time.com/4249413/apple-mac-ransomware-hack/
or even this
https://answers.yahoo.com/question/inde ... 808AA3D3QK
Both confirm what I have been trying to tell you all, I reckon it is me who is wasting his breath in trying to enlighten you all
-
- Similar Topics
- Replies
- Views
- Last post