My wife's hospital will be hitting the news shortly

[Ph64]

http://www.independent.co.uk/news/world ... 10471.html

It sure is a good thing the NSA had all those security holes they knew about and didn't tell anybody about... and kept them "safe" from getting out.

[SuburbanFarmer]

http://www.independent.co.uk/news/world ... 10471.html

It sure is a good thing the NSA had all those security holes they knew about and didn't tell anybody about... and kept them "safe" from getting out.

“This image is being displayed by all computers of the government.”

[The Conservative]

This is where admins fail their job... especially ones that are there to collect a paycheck only.

[Ph64]

http://www.independent.co.uk/news/world ... 10471.html

It sure is a good thing the NSA had all those security holes they knew about and didn't tell anybody about... and kept them "safe" from getting out.

“This image is being displayed by all computers of the government.”

"Making the world safe for democracy."

[Dand]

I'm also feeling the slight effects from today's ransomware. My company isn't hacked but some people we do business with are almost completely offline.

I don't have much sympathy. The companies being held for ransom are not being careful enough.

When its hospitals being attacked people can die. What kind of sick fuck are you?!

Should've been more clear, sympathetic for the people but not the business. It must have been a month since the last big ransomware outbreak and if businesses have such important data then they need to protect it rigorously or keep it offline. Or just pay the ransom if people's lives are at risk.

It isn't just hospitals being attacked but attacking hospitals is an extra immoral ransom.

[DBTrek]

The people who were hit by WannaCry were two months behind on patches, yet they cried the blues until Microsoft gave them free patches.
Now we're FIVE months past Microsoft patching SMBv1.0 and folks are STILL getting hit.

At some point IT people need to assume some responsibility.
/shrug

[The Conservative]

The people who were hit by WannaCry were two months behind on patches, yet they cried the blues until Microsoft gave them free patches.
Now we're FIVE months past Microsoft patching SMBv1.0 and folks are STILL getting hit.

At some point IT people need to assume some responsibility.
/shrug

IT should have assumed responsibility a week after the patch came out. There is no excuse why not to have your network or at least systems patched to keep it from happening. Any company that has an IT at this point in time that allowed this to happen need to be fired and blacklisted from any other IT job out there.

[Ex-California]

About time it hit the news.

http://triblive.com/local/regional/1245 ... y-incident

http://www.wilx.com/content/news/US-dru ... 06343.html

I just saw it on the news here

[Ph64]

https://www.forbes.com/sites/thomasbrew ... 30beb3532e

That's cause for embarrassment among infected companies: Microsoft released a patch earlier this year which prevented any EternalBlue hacks, even pushing out updates for older, unsupported Windows systems like XP. Businesses should have patched by now, especially given the carnage WannaCry caused.

Extra powers

NotPetya has some extra powers that security experts say make it deadlier than WannaCry. While EternalBlue has allowed it to spread via a weakness in Windows' SMB, it has other tools for moving at speed across networks. For instance, according to former NSA analyst and cybersecurity entrepreneur David Kennedy, the ransomware finds passwords on the infected computer to move to other systems. It does that by extracting passwords from memory or from the local filesystem, he explained.

"This is going to be a big one. Real big one," Kennedy added.

Another proliferation technique is NotPetya's abuse of PsExec. The tool is meant to carry out limited actions on other systems, but in this case its spreading the infection by executing malicious code on other computers. For instance, if the infected PC has administrator access to the network, every computer can become infected. A similar method is used by NotPetya with the Windows Management Instrumentation (WMI) tool, according to security expert Kevin Beaumont.

"This dangerous combination may be the reason why this outbreak has spread globally and rapidly, even after the previous outbreaks have generated media headlines and hopefully most vulnerabilities have been patched," said ESET researcher Robert Lipovsky. "It only takes one unpatched computer to get inside the network, and the malware can get administrator rights and spread to other computers."

Perhaps most crucially, thanks to all these added features, the new strain will infect even patched Windows PCs, including those with Windows 10, as one IT professional noted in a blog, whereas WannaCry worked largely on older systems.

Anyone even considering paying hackers to unlock their computers should reverse course, however: the email account set up to provide keys has been shut down by the provider, Posteo. Thanks to that, there's no obvious way of recovering files without backups.

[MilSpecs]

If we all automatically had rights to our medical records, this could at least be less of a problem. We could just run our copies over. Always ask for copies any time you see a doctor or get lab work done. You may not always get it but at least make the attempt.