Stories
Slash Boxes
Comments

SoylentNews is people

Breaking News
posted by janrinok on Saturday July 03 2021, @10:55AM   Printer-friendly
https://www.bbc.com/news/world-us-canada-57703836

About 200 US businesses have been hit by a "colossal" ransomware attack, according to a cyber-security firm.

Huntress Labs said the hack targeted Florida-based IT company Kaseya before spreading through corporate networks that use its software.

Kaseya said in a statement on its own website that it was investigating a "potential attack".

Huntress Labs said it believed the Russia-linked REvil ransomware gang was responsible.

The US Cybersecurity and Infrastructure Agency, a federal agency, said in a statement that it was taking action to address the attack.

The cyber-breach emerged on Friday afternoon as companies across the US were clocking off for the long Independence Day weekend.

The two big things that are keeping cyber-security professionals up at night lately are ransomware attacks and supply chain attacks. This latest incident combines both nightmares into one big Independence Holiday weekend-ruining event for hundreds of US IT teams.

Ransomware is the scourge of the internet. Multiple organised criminal gangs are constantly attempting to gain access to computer networks to hold them hostage. The rate of attack is relentless but it can take a lot of time and effort on the criminals part to successfully hijack one victim's computer system.

See also:

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Insightful) by Anonymous Coward on Saturday July 03 2021, @01:26PM (8 children)

    by Anonymous Coward on Saturday July 03 2021, @01:26PM (#1152547)

    The real source of the weakness is integrated systems all networked. Replace this with something other than Windows, and you still have the same problem.

    Starting Score:    0  points
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  

    Total Score:   1  
  • (Score: 4, Insightful) by HiThere on Saturday July 03 2021, @02:04PM (4 children)

    by HiThere (866) Subscriber Badge on Saturday July 03 2021, @02:04PM (#1152562) Journal

    I'm really convinced that handling this is, in principle, possible. But not if you require the ability to execute programs to be transmissible. So doing it securely would make many things either a lot more difficult or impossible. HTML version 1 (before javascript and similar) was probably secure. So was the original email. Of course, if you allow an interpreter to automatically execute a tagged file than all bets are off.

    --
    Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
    • (Score: 0) by Anonymous Coward on Saturday July 03 2021, @02:45PM (2 children)

      by Anonymous Coward on Saturday July 03 2021, @02:45PM (#1152571)

      The networking protocols are very insecure at the lower layers... They were not designed with hostile environments in mind. We can bandaid on top of this, but the fundamental weaknesses of our network architectures will still be there.

      • (Score: 2) by Rich26189 on Saturday July 03 2021, @03:20PM (1 child)

        by Rich26189 (1377) on Saturday July 03 2021, @03:20PM (#1152576)

        I don’t know how these most recent attacked were perpetrated, TFS doesn’t say, but I disagree that the networking layers are the likely attack point. Enterprise level equipment has very robust networking layers, especially the lower ones. I can’t speak about the upper layers, e.g. 7 (yeah, I’m that old) but I have to think they’re not untested.

        At this point we’re talking about the 6th Domain of Warfare.

        • (Score: 0) by Anonymous Coward on Saturday July 03 2021, @05:24PM

          by Anonymous Coward on Saturday July 03 2021, @05:24PM (#1152610)

          All that "enterprise level equipment" is only needed due to the horrible design of the basic networking protocols... We segment the networks to stop our machines from blabbing everything they do and know where anyone can hear.

    • (Score: 4, Insightful) by Mojibake Tengu on Saturday July 03 2021, @03:00PM

      by Mojibake Tengu (8598) on Saturday July 03 2021, @03:00PM (#1152574) Journal

      Axiom 0: data is code and code is data.
      => Every code is someone's data.

      You are right about original Web was accidentally[1] safe, because html1 markup before scripting happened to be a declarative language, not executable language.

      But the fundamental design error was made with Web not designed by intention as pure declarative in client context, like, say, forming pages pure declaratively[2] in Prolog or a dialect, and letting clients to decide completely what they turn to rendering execution about it, enabling logical deductions about pieces of information. Instead, we got executive hell by foreign code enforced on clients.
      The same with emails.

      This will never be fixed. Not by adding more jails and fortifications to clients. Not in this decadent political digitalism epoch.

      [1] 'accidental' as in ancient Aristoteles' meaning
      [2] Note HTTP/HTML predecessor, the gopher, was very primitive but made declarative, evolved from classic BBS's menu systems.

      --
      Respect Authorities. Know your social status. Woke responsibly.
  • (Score: 1, Insightful) by Anonymous Coward on Saturday July 03 2021, @03:28PM

    by Anonymous Coward on Saturday July 03 2021, @03:28PM (#1152580)

    The real source of the weakness is integrated systems all networked.

    Indeed. Did Battlestar Galactica teach us nothing?

  • (Score: 0) by Anonymous Coward on Saturday July 03 2021, @04:01PM

    by Anonymous Coward on Saturday July 03 2021, @04:01PM (#1152594)

    Replace this with something other than Windows, and you still have the same problem.

    In case of one single something, sure; Android is enough of demonstrable proof. A forced monoculture is the problem, it does not matter who is forcing what.

    Customizable systems, and making use of that customization, is the solution. When you have a dozen Linux distros, each with several supported versions, with final users (IT dept) recompiling the kernel and some other things and uninstalling other things, to match the setup to their actual needs - a nice zero-day exploit for some version range of SHITTTP protocol handler suddenly becomes usable only on the tiny minority of systems, those that actually are using SHITTTP + have an exploitable version installed.

    That setup would not much help clueless end users with no one to do their customization for them, but even then, "some version of some distro" is a much smaller target than "same install and patch of same Windows". As demonstrably proven with Android exploits.

  • (Score: 2) by Gaaark on Saturday July 03 2021, @08:29PM

    by Gaaark (41) on Saturday July 03 2021, @08:29PM (#1152643) Journal

    No: if you use Windows and I use Manjaro, the problem will stop with you.

    Malware makers would have to target EVERY O/S if they want their malware to spread.

    Teh way it is now, they just have to target Windows systems to cause problems. Vary the O/S environments and make it harder to crack the system, just like if everyone used the same password....

    ....use a different password on every system, every system is harder to crack.

    --
    --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---