Telefonica Hit with Ransomware
-
One of Spain's largest ISPs, Telefonica has been hit with ransomware and is reduced to telling staff to turn off their desktops and shut down VPN links.
-
Owch.
-
It's more than just them. A bunch of hospitals in UK, etc.
https://intel.malwaretech.com/botnet/wcrypt
https://www.engadget.com/2017/05/12/12-countries-hit-in-massive-cyber-heist/ -
This is from one of the leaked NSA vulnerabilities.
Sometime I think these leaks do more harm than good. This was a big vulnerability, ideally people would fix them before something like this happens but get real. They need to watch what they leak... especially when it's literally downing hospitals and killing people.
-
@Tim_G said in Telefonica Hit with Ransomware:
Sometime I think these leaks do more harm than good.
Leaks aren't really about doing harm or good, they are about exposing crime and corruption and evil. If we cared about doing good, we'd just down the NSA.
-
@Tim_G said in Telefonica Hit with Ransomware:
They need to watch what they leak... especially when it's literally downing hospitals and killing people.
I can see the point, but what are the ramifications that we can't measure of letting a reckless, unsafe agency like the NSA go completely unchecked because they can claim that exposing them will result in deaths? basically it comes down to a form of extortion where the NSA can soft of threaten to randomly kill innocent people if anyone exposes them. Sure, even the NSA can't choose who lives and dies, but they don't care.
And we can't know that it is a leak that caused this. It could have been the NSA themselves killing people and trying to blame a leak.
At the end of the day there are two 100% responsible parties here... the NSA for being malicious and making systems to kill people and the NHS (in the case of deaths) for not patching systems to any acceptable level of security. The leakers might be in a grey area, but there are two solidly culpable parties that need to be focused on.
-
Yeah I definitely understand and agree with why leaks are good, and the idea behind them.
I'm not blaming the leak, I blame the NSA, NHS (in this example), and the malicious hackers.
But what I would improve upon, with a vulnerability of this scale, knowing what would happen... I would have given more time, or at least withheld some details... allowing appropriate parties to fix things, before leaking everything.
Microsoft fixed the vulnerability a month ago. Great, keep your systems up to date and you're okay... Then if you get infected it's your own fault (as in the NHS's case). But only a month between the patch and malware release?
I think if Microsoft knew about it when they did, but then all the details of the leak weren't leaked publically for a much longer time, chances are that the NHS would have been patched before the malware came out. Of course that depends on the NHS's patch schedule, if any... but you get my point?
-
@Tim_G said in Telefonica Hit with Ransomware:
But what I would improve upon, with a vulnerability of this scale, knowing what would happen... I would have given more time, or at least withheld some details... allowing appropriate parties to fix things, before leaking everything.
I'd agree there except, I'm pretty confident that they had a lot of time to get this fixed and declined to do so. Patches takes very little time. The NHS was hit, and Telefonica too I suspect, because that safety didn't matter to them, it wasn't a priority and they chose to take that risk for whatever reason.
-
@Tim_G said in Telefonica Hit with Ransomware:
Microsoft fixed the vulnerability a month ago. Great, keep your systems up to date and you're okay... Then if you get infected it's your own fault (as in the NHS's case). But only a month between the patch and malware release?
Only a month? that's a long time.
-
@Tim_G said in Telefonica Hit with Ransomware:
Of course that depends on the NHS's patch schedule, if any... but you get my point?
Lives depend on them patching daily. Lives. This isn't a game. If their patch schedule isn't "as needed" it's reckless and unsafe.
-
Example... NTG's patch schedule is "every six hours." Why is the NHS struggling with months, they have one of, if not the, largest IT budget in the world. What could their excuse possibly be?
-
So because the world doesn't work in the "ideal" way that it "should" regarding patching... vulnerabilities should be leaked immediately and hackers should go ahead release their malware. If people die, they die, because you "should" have been keeping your systems up to date... good game.
-
@Tim_G said in Telefonica Hit with Ransomware:
So because the world doesn't work in the "ideal" way that it "should" regarding patching... vulnerabilities should be leaked immediately and hackers should go ahead release their malware. If people die, they die, because you "should" have been keeping your systems up to date... good game.
There is one way to fix this, people patching appropriately. The vulnerabilities are out there and that's not going to cheap. Idealism is nice, but realism is better. In this case, they kind of line up.
The other option is "hope the bad guys play nice so that the 'good guys' don't have to be competent." It's not realistic.
-
@Tim_G said in Telefonica Hit with Ransomware:
So because the world doesn't work in the "ideal" way that it "should" regarding patching... vulnerabilities should be leaked immediately and hackers should go ahead release their malware.
In an ideal world we don't have hackers. Nor do we have anything to leak.
This is purely about a practical method of dealing with the problem. We have people who decided not to patch systems, there is nothing we should say to excuse that. They have jobs where they are tasked with patching systems and securing them to protect lives and didn't. Sure, the NSA and hackers (those are kind of the same and we have to equate any attack using NSA code to a direct NSA attack) are the worst people here, but the leakers are basically bystanders. The NSA/hackers and the NHS slackers (hackers and slackers) are the parties that are truly at fault without question and need to be held accountable.
When we blame the leakers for exposing these malicious parties, we excuse bad behaviour and make it sound like those that didn't bother to do their jobs aren't responsible too.
-
@Tim_G said in Telefonica Hit with Ransomware:
If people die, they die, because you "should" have been keeping your systems up to date... good game.
This is where we literally are today. People dying or possibly dying because they should have properly patched systems and decided, for some reason, that not patching was better. Is patching going to protect against every case? no. But it would have protected against this one.
Imagine saying this about any other field. Oh, the patient died from an infection because the doctor should have washed his hands first... only in an ideal world would doctors wash their hands. of course that is silly. We know that doctors need to be held accountable for washing up, and they do because we don't accept excuses for not doing their basic job with basic diligence. We would never call it an impossible ideal for doctors to wash up. Why is IT seen as different, we are talking about something similarly basic. In fact, we are talking about systems that would have patched themselves if someone didn't intentionally disable that feature, right?
-
@scottalanmiller said in Telefonica Hit with Ransomware:
@Tim_G said in Telefonica Hit with Ransomware:
If people die, they die, because you "should" have been keeping your systems up to date... good game.
This is where we literally are today. People dying or possibly dying because they should have properly patched systems and decided, for some reason, that not patching was better. Is patching going to protect against every case? no. But it would have protected against this one.
Imagine saying this about any other field. Oh, the patient died from an infection because the doctor should have washed his hands first... only in an ideal world would doctors wash their hands. of course that is silly. We know that doctors need to be held accountable for washing up, and they do because we don't accept excuses for not doing their basic job with basic diligence. We would never call it an impossible ideal for doctors to wash up. Why is IT seen as different, we are talking about something similarly basic. In fact, we are talking about systems that would have patched themselves if someone didn't intentionally disable that feature, right?
Yeah, great way of looking at it actually.
-
I mean I know it all sucks and it would be awesome if all the right people got all the right info and took all the right actions. but they don't and won't. So we need to push everyone that we can to do what they can. It's just what we have to work with.
