|Old_Zircon - 2017-05-14 |
|Monkey Napoleon - 2017-05-14 |
This is meme news.
"A bunch of people not doing their job got hit with a ridiculously old and what should be laughably ineffective worm. More at 11."
I get that it's everywhere right now, but it's not some technologically sophisticated devious attack. This is the kind of thing your script kiddie contractor writes a paper on and then gets filed away in an NSA vault and doesn't ever see the light of day again, at least until some dingus leaks it.
That's how dumb this is. It can ONLY spread to unpatched windows machines with open smb shares. Exactly WHY the NHS has unpatched machines with smb shares connected to a network with important files on them is a mystery.
The headline here should really be "Why is the NHS wasting public money paying retarded tech professionals high salaries?"
I like the "Russia was hit hardest (but actually only 1000 computers at their Interior Department were affected)" part. If that's the hardest hit, I wonder what happened the other 71-or-so countries.
On the down side, it's entirely possible that people died because of this someplace in the world, since a lot of the targets were medical facilities.
But regardless of how serious the actual attack was, it IS another example of the NSA's inability to keep its shit in order security-wise, and regardles of your opinion of the NSA itself, when they can't even keep random people from walking out (literally or figuratively) with their top secret hax0ring tools that IS serious.
For that matter, since apparently one could disable WannaCry just by registering a given domain, why didn't the NSA do so? Seems like they didn't know they could do that.
Wannacry is a revision of a worm that's been in the wild for a long long time, and it's not what was supposedly stolen from the NSA.
You don't get it from clicking on bad links (although you can), it spreads by itself with zero user interaction through networks using a vulnerability in default settings for smb shares.
The specific method of infection used in this case is the exploit that was "stolen", not the malicious code itself. We're lucky somebody didn't figure it out on their own before all this happened without bothering to tell microsoft, because you and everyone you know who uses windows would be totally fucked right now. There's also no evidence whatsoever that it was even stolen, besides the sayso of some security group who warned microsoft they were releasing the exploit publicly... which was what prompted the patch in the first place back in march. Oh, and also these guys have been trying to sell the exploits since last year. They're not releasing them out of the kindness of their hearts to warn the world about what's going on... they're throwing a temper tantrum because nobody wanted to pay.
Nobody has any idea if this crap was even stolen from the NSA, or if it was, what the circumstances of the theft were. It's not a coincidence where this shit is all coming from.
Stars for Monkey Napoleon for setting the record straight. Thanks!!
|Hooker - 2017-05-14 |
For the love of God, you aren't going to wind up with a bigger penis from some e-mail you receive.
|Jeriko-1 - 2017-05-14 |
This is a cyber criminal's wet dream.
A fucking source code built on retrofitted, highly classified coding. So the alphabet soups, who could possibly help shut this thing down won't help because
Hell, it was some random geek that accidentally found the fed's 'shutdown switch' for the god damned thing they'd put in just in case somebody stole it and er... Turned it into ransomware just like what just happened. But the agencies itself didn't provide this information.
For the blackhats it's like having a 'I-can-do-whatever-the-fuck-I-want' card because the people who can stop you won't intervene lest they spill state secrets.
For what it's worth, one of my coworkers' husbands is a network security specialist and he was already kind of freaking out about this (that is, the NSA's software tools being leaked to the black market) long before the whole Wikileaks thing the other month, and takes it really seriously.
People should be really scared, if they believe the story that's going around.
This is just the latest in a series of these botched blackmail attempts by ShadowBrokers going back to mid 2016. Each time it's getting more and more serious. This is like stage 5, iirc.
It just bugs the ever-loving shit out of me how this is being reported. A bunch of stuff is being ignored, plus the normal problem with tech and science reporting where it's grossly over-simplified and also kind of wrong anyway.
News to do with the intelligence community should always be viewed by everyone through welding goggles made of pure skepticism with the optional "assume everything they say is completely fabricated" filter.
| Register or login To Post a Comment|