The Ransomware Apocalypse is Nigh

Sounds like it’s using a leaked NSA hacking tool. Fun times! If that is confirmed, there is going to be major blowback. Word is that there are people dying in British hospitals because of this.

Here in Spain the major company affected is a telecom, which is not too bad in terms of immediate repercussions, but man, does it make you look bad…

The Guardian is reporting that as of last December, 90% of NHS systems were still running WinXP.

The US Navy is paying MS millions for continued XP support. Wonder if the NHS was doing the same?

That kind of thing (big companies using legacy stuff) isn’t uncommon from what I understand. Remember with Y2K when everyone was worried about banks and air traffic control stuff because they were using ancient systems?

MS has issued emergency patches to non-supported operating systems (XP/Vanilla 8/Server 2003) to help contain this thing.

Interesting article on how the WannaCry attack was contained:

Looks like this is the first “big one” for my field. It looks like it shut down a car factory in Europe too (Renault).

Apparently the killswitch has already been removed in the latest variant.

Nice Job NSA.

Nissan in Sunderland too.

My friend is an electrical engineer (as in power and telecoms infrastructure) and was told to park up his van, not turn laptop on and await a text. He’s still waiting…

I think the most sane line of action is to disconnect these machines from the network. Download the patches to a USB then apply the patches. Connect again and fully patch.

Maybe before all that make a backup of the documents folder.

I don’t use a Windows machine at work, but some people do, hope I am not affected. I guess I will find out this Monday.

I like this (pre-ransocalypse) idea which finds a use for bitcoin and smart contracts — a DAO for ransomware.

You’re going to want to look for the exact variant you have. Chances are you may lose all of the encrypted data. Be aware that is a very probable outcome.

What makes more sense to me, is to let your backup strategy deal with this problem.

If your system is fully updated and you still get hit, you bite the bullet and restore from Today-1.

If your systems are not fully updated, then you have a real problem, worse than any software bug. I have a few machines that are not fully updated (for reasons), I am not a system admin, but I think I am going to be louder (I am sure this is not the right word) when talking about this in the future.

“What makes more sense to me, is to let your backup strategy deal with this problem.”
Yep, seems the most logical approach. Sadly, MANY people don’t back up well and I’d imagine that holds true for smaller companies (larger, publicly traded companies get rated in part on the integrity of their data and backup systems as I recall, but then we’ve heard some disturbing tales).

That is the best method for these, yes. One issue is that while servers are frequently backed up, the HUGE majority of client machines are not. And it is really, really hard to prevent people from saving important data local to their machines.

As an example, think of every one of your relatives that probably save all their family photos, media, and whatever else local to their home machines. Now imagine the effect of the loss of all of that, because from the latest data, 94% of home users NEVER BACK UP ANY DATA.