Thread: Baltimore City Government Computers Taken Over by Ransomware Hackers

  1. Top | #1
    Administrator lpetrich's Avatar

    Baltimore’s ransomware attack, explained - Vox
    Baltimore City Ransomware Attack Knocks City Services Offline : NPR
    Baltimore city government computer network hit by ransomware attack - Baltimore Sun

    From the first link:
    Thirteen bitcoins are standing between the city of Baltimore and many of the services and processes its citizens rely on after hackers seized thousands of government computers at the start of the month. The ordeal has been going on for two weeks, and there’s no clear end in sight.

    Here’s what’s happening: On May 7, hackers digitally seized about 10,000 Baltimore government computers and demanded around $100,000 worth in bitcoins to free them back up. It’s a so-called “ransomware” attack, where hackers deploy malicious software to block access to or take over a computer system until the owner of that system pays a ransom.

    Baltimore, like several other cities that have been hit by such attacks over the past two years, is refusing to pay up. As a result, for two weeks, city employees have been locked out of their email accounts and citizens have been unable to access essential services, including websites where they pay their water bills, property taxes, and parking tickets. This is Baltimore’s second ransomware attack in about 15 months: Last year, a separate attack shut down the city’s 911 system for about a day. Baltimore has come under scrutiny for its handling of both attacks.

    The ransomware attacks in Baltimore and other local governments across the US demonstrate that as ransomware attacks spread, and as common targets such as hospitals and schools beef up their online systems’ security, there are still plenty targets vulnerable to this kind of hack. It also exemplifies the conundrum that ransomware victims face: pay up and get your access back, or refuse — potentially costing much more in the long run.
    From the third link, “We won’t talk more, all we know is MONEY!” the note said. “Hurry up! Tik Tak, Tik Tak, Tik Tak!”

  2. Top | #2
    Fair dinkum thinkum bilby's Avatar
    Quote Originally Posted by lpetrich View Post
    Baltimore’s ransomware attack, explained - Vox
    Baltimore City Ransomware Attack Knocks City Services Offline : NPR
    Baltimore city government computer network hit by ransomware attack - Baltimore Sun

    From the first link:
    Thirteen bitcoins are standing between the city of Baltimore and many of the services and processes its citizens rely on after hackers seized thousands of government computers at the start of the month. The ordeal has been going on for two weeks, and there’s no clear end in sight.

    Here’s what’s happening: On May 7, hackers digitally seized about 10,000 Baltimore government computers and demanded around $100,000 worth in bitcoins to free them back up. It’s a so-called “ransomware” attack, where hackers deploy malicious software to block access to or take over a computer system until the owner of that system pays a ransom.

    Baltimore, like several other cities that have been hit by such attacks over the past two years, is refusing to pay up. As a result, for two weeks, city employees have been locked out of their email accounts and citizens have been unable to access essential services, including websites where they pay their water bills, property taxes, and parking tickets. This is Baltimore’s second ransomware attack in about 15 months: Last year, a separate attack shut down the city’s 911 system for about a day. Baltimore has come under scrutiny for its handling of both attacks.

    The ransomware attacks in Baltimore and other local governments across the US demonstrate that as ransomware attacks spread, and as common targets such as hospitals and schools beef up their online systems’ security, there are still plenty targets vulnerable to this kind of hack. It also exemplifies the conundrum that ransomware victims face: pay up and get your access back, or refuse — potentially costing much more in the long run.
    From the third link, “We won’t talk more, all we know is MONEY!” the note said. “Hurry up! Tik Tak, Tik Tak, Tik Tak!”
    There are no circumstances in which it is better to pay.

    If you pay, you only have the criminals' word that they will in fact unlock your systems - and criminals are not noted for their trustworthiness.

    Even if they do unlock your systems once you have paid up, there's no reason to expect that they won't come back and repeat the successful extortion; And there's no reason to believe that your system hasn't been infected with other malware - so you STILL have to go to the expense of scrubbing your system clean.

    And of course, there's the moral aspect - if you acquiesce, then you increase the risk of future attacks on others, which is indefensible.

    The immediate term solution is to treat any locked data as lost. Wipe the affected systems, and restore to a known good backup, then re-build. The sooner you start that process, the better. If you don't have a backup stored securely and offline, preferably in a different city, for disaster recovery purposes, then sack your CIO and hire one who has moved out of the 1980s.

    The long term answer is decent security - which is still a rarity. Bizarrely, people STILL click links in unsolicited emails. People still tell their passwords to others, once convinced that they are in authority. People still use simple passwords, and re-use them on multiple systems (something that is exacerbated by the counterproductive implementation of short password life, and overly simplistic rules for complexity).

    Governments and NGOs should mandate the use of password managers, rather than requiring staff to remember complex passwords for multiple systems. And staff need to be aware that divulging their passwords to anyone - including the boss, or the IT department, or the state password inspector - is grounds for instant dismissal.

  3. Top | #3
    Contributor
    It is endlessly puzzling that organizations by this time do not protect themselves.

  4. Top | #4
    Administrator lpetrich's Avatar
    Quote Originally Posted by bilby View Post
    The long term answer is decent security - which is still a rarity. Bizarrely, people STILL click links in unsolicited emails. ...
    I don't see why that has to be a security hole. I think that good security involves a lot of idiot-proofing.

    Another thing that's a problem: operating-system design. It seems to me that Windows has some fundamental flaws, some fundamental vulnerabilities that are very difficult to correct. Linux or OSX would be a better choice. OSX comes with Apple hardware, so a company with lots of PeeCees might not be willing to replace them. But Linux can run on those PeeCees, and one can even get a nice GUI shell for it that is roughly comparable with what Windows and OSX come with. KDE and Gnome are the two major ones, but several others have been written for Linux.

    A further virtue of Linux is that it is open source. This makes it easier to vet it for security holes. Strictly speaking, Linux is an OS kernel, but Linux users have created numerous Linux distributions, typically containing Unix utilities, GUI shells, and ordinary-user-ish software like web browsers -- mostly or all open-source.

    Of the other two of the Big Three, OSX is partially open-source, and Windows is all closed-source. Though the OSX GUI shell is closed-source, its kernel is open-source, as are its Unix utilities and C compiler.

  5. Top | #5
    Contributor
    It goes back to the 60s when people loaded their own software on company computers. When I worked for Lockheed there was a software police checking HD.

    The obvious seems to be to isolate data storage and processing from the net. The Sony hacking for example. To move files from the isolated system somewhere else requiring a hardware and software process.

    If I had a company I'd have two systems. A server for internal use only and a server for outside communications.

    The 386 protected mode was supposed to take care of a lot of hacking.

    What made Windows powerful was the ease of downloading third party apps and running without creating problems with other software.

    There needs to be an OS dedicated to one task without all the frills of Windows. Windows is far beyond an OS. I doubt anyone at MS knows the whole system and all the interactions in detail.

  6. Top | #6
    Super Moderator
    Security is a money/people problem. First, people who are good with security barely exist, and secondly if you can find them you need to be able to pay them. And before that you have to know that you need heightened security in the first place.

    You'd think these would be trivial problems, but they're absolutely not.

  7. Top | #7
    Veteran Member
    Quote Originally Posted by steve_bank View Post
    It is endlessly puzzling that organizations by this time do not protect themselves.
    It's very difficult to prevent this sort of thing. What puzzles me more is that it is actually so easy to render the servers useless. I would assume these are some sort of Microsoft Windows servers, I really don't know how MS get away with their stuff being so easily fucked up.

  8. Top | #8
    Administrator lpetrich's Avatar
    Quote Originally Posted by steve_bank View Post
    The 386 protected mode was supposed to take care of a lot of hacking.
    That's only for a computer's internal operations. It doesn't affect such things as files or network access. It is also a heck of a lot older than the Intel-386 chip architecture -- it's at least as old as the IBM System/360 line, and that came out in 1964.

    What made Windows powerful was the ease of downloading third party apps and running without creating problems with other software.
    Was it not possible before? That's news to me. It was a case of desktop computers getting more and more capacious, so that one could run more than one app at once.

    There needs to be an OS dedicated to one task without all the frills of Windows. Windows is far beyond an OS. I doubt anyone at MS knows the whole system and all the interactions in detail.
    There already is one: Linux. There are plenty of other open-source OSes, but that's the best-known one.

  9. Top | #9
    Administrator lpetrich's Avatar
    A Closer Look at the RobbinHood Ransomware
    The RobbinHood Ransomware is the latest player in the ransomware scene that is targeting companies and the computers on their network. This ransomware is not being distributed through spam but rather through other methods, which could include hacked remote desktop services or other Trojans that provide access to the attackers.

    ...
    Security researcher Vitali Kremez, who reverse engineered the sample, told BleepingComputer that on execution it will stop 181 Windows services associated with antivirus, database, mail server, and other software that could keep files open and prevent their encryption. It does this by issuing the "sc.exe stop" command as shown below.
    Windows. I don't feel very surprised.

    Baltimore Ransomware Attack Update: RobbinHood Malware's Lasting Impact - MSSP Alert

    Will Linux protect you from ransomware attacks? | InfoWorld
    Windows has a 20 year history of leaving its users vulnerable on the internet. Frequent major vulnerabilities too. We had MSBlast which easily could have been ransomware too if it had been invented / famous then. MSBlast basically made any new Windows 2000 or XP version that you would connect directly (i.e. not behind a router) to the internet useless within a minute. I don’t see that much has changed.

    Seeing which Windows version patches were released for the last couple of days you see how extremely old (XP era) vulnerabilities carry over from version to version seemingly. That’s Microsoft for you and has always been.
    However, Linux is not absolutely invulnerable, though it may be easier to secure.
    B0r0nt0K Ransomware Wants $75,000 Ransom, Infects Linux Servers
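
Added example, not part of the original post or of the quoted BleepingComputer article: the quoted analysis says the sample stops 181 services with "sc.exe stop", so many distinct services stopped on one host within seconds is a usable detection signal. The record format, host names and service names below are constructed, and the 60-second window and threshold of 5 are assumptions to tune against real process-creation logs.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Matches `sc stop <svc>` / `...\sc.exe stop "<svc name>"` inside a command line.
SC_STOP = re.compile(r'(?i)(?:^|[\\/\s"])sc(?:\.exe)?"?\s+stop\s+("[^"]+"|\S+)')

# Constructed process-creation records: timestamp|host|command line.
SAMPLE_EVENTS = [
    r"2024-01-01T08:00:00|WS01|C:\Windows\System32\sc.exe stop ExampleAV",
    r"2024-01-01T08:00:01|WS01|C:\Windows\System32\sc.exe stop ExampleSQL",
    r"2024-01-01T08:00:02|WS01|cmd.exe /c sc.exe stop ExampleMail",
    r"2024-01-01T08:00:03|WS01|sc stop ExampleBackup",
    r'2024-01-01T08:00:04|WS01|sc.exe stop "ExampleDB"',
    r"2024-01-01T08:00:05|WS01|sc.exe stop ExampleAgent",
    r"2024-01-01T08:00:06|WS01|C:\Windows\System32\sc.exe query ExampleAV",
    r"2024-01-01T09:15:00|SRV02|sc.exe stop Spooler",      # lone admin action
    r"2024-01-01T09:00:00|SRV03|sc.exe stop ExampleSQL",   # hours apart:
    r"2024-01-01T13:00:00|SRV03|sc.exe stop ExampleMail",  # not a burst
]

def parse_event(line):
    """Split one constructed 'timestamp|host|command line' record."""
    ts, host, cmd = line.split("|", 2)
    return datetime.fromisoformat(ts), host, cmd

def find_stop_bursts(lines, window=timedelta(seconds=60), threshold=5):
    """Return {host: sorted service names} for each host where at least
    `threshold` distinct services were stopped via sc.exe within `window`."""
    per_host = defaultdict(list)
    for line in lines:
        ts, host, cmd = parse_event(line)
        m = SC_STOP.search(cmd)
        if m:
            per_host[host].append((ts, m.group(1).strip('"').lower()))
    alerts = {}
    for host, stops in per_host.items():
        stops.sort()
        start = 0
        for end in range(len(stops)):
            # Slide the window start forward until it spans <= `window`.
            while stops[end][0] - stops[start][0] > window:
                start += 1
            services = {name for _, name in stops[start:end + 1]}
            if len(services) >= threshold:
                alerts[host] = sorted(services)
                break
    return alerts

if __name__ == "__main__":
    print(find_stop_bursts(SAMPLE_EVENTS))
```

The same grouping can be expressed as a SIEM rule over Sysmon Event ID 1 or Security Event ID 4688 command lines; counting distinct service names rather than raw commands keeps a retry loop on one service from triggering it.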

  10. Top | #10
    Fair dinkum thinkum bilby's Avatar
    Quote Originally Posted by lpetrich View Post
    Quote Originally Posted by bilby View Post
    The long term answer is decent security - which is still a rarity. Bizarrely, people STILL click links in unsolicited emails. ...
    I don't see why that has to be a security hole. I think that good security involves a lot of idiot-proofing.

    Another thing that's a problem: operating-system design. It seems to me that Windows has some fundamental flaws, some fundamental vulnerabilities that are very difficult to correct. Linux or OSX would be a better choice. OSX comes with Apple hardware, so a company with lots of PeeCees might not be willing to replace them. But Linux can run on those PeeCees, and one can even get a nice GUI shell for it that is roughly comparable with what Windows and OSX come with. KDE and Gnome are the two major ones, but several others have been written for Linux.

    A further virtue of Linux is that it is open source. This makes it easier to vet it for security holes. Strictly speaking, Linux is an OS kernel, but Linux users have created numerous Linux distributions, typically containing Unix utilities, GUI shells, and ordinary-user-ish software like web browsers -- mostly or all open-source.

    Of the other two of the Big Three, OSX is partially open-source, and Windows is all closed-source. Though the OSX GUI shell is closed-source, its kernel is open-source, as are its Unix utilities and C compiler.
    I agree - using Windows seems to be an example of Stockholm Syndrome in many cases.

    In my most recent job, I was issued a laptop that ran RHEL; It did everything I needed, and was certainly easier to use than Windows 8 or 10, for anyone coming from a Win XP or 7 background.

    There's some specialist software that only runs on Windows, but that gap is closing.
