Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.
posted by n1 on Monday May 15 2017, @12:43AM   Printer-friendly
from the mouse-and-cat dept.

[Update at 20170515_022452 UTC: Instructions for what to do on each affected version of Windows can be found at: https://www.askwoody.com/2017/how-to-make-sure-you-wont-get-hit-by-wannacrywannacrypt/ -- I've had excellent luck in the past following his advice on when and how to update Windows. Clear, hands-on instructions are a big win in my book. --martyb]

Previously: "Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS.

tl;dr: If you have not already patched your Windows computer(s), you may be at risk from a new variant of the WannaCrypt ransomware worm which lacks a kill switch and was seen over the weekend. Sysadmins are preparing for a busy Monday when countless other users return to work and boot up their PC.

WannaCrypt (aka WCry), is a ransomware worm that wreaked havoc across the internet this past weekend. It disabled Windows computers at hospitals, telecoms, FedEx, and banks (among many others). Files on user's machines were encrypted and the worm demanded $300 or $600 worth of Bitcoin to decrypt (depending on how quickly you responded). Reports first surfaced Friday night and were stopped only because a researcher discovered a domain name in the code, which when registered, caused the malware to stop infecting new machines.

We're not out of the woods on this one. Not surprisingly, a variant has been seen in the wild over the weekend which has removed the domain check. Just because you may not have been hit in the initial wave of attacks does not necessarily mean you are immune.

Back in March, Microsoft released updates to Windows to patch vaguely-described vulnerabilities. Approximately one month later, a dump of purported NSA (National Security Agency) hacking tools were posted to the web. The WannaCrypt ransomware appears to be based on one of those tools. Surprisingly, the Microsoft patches blocked the vulnerability that was employed by WannaCrypt.

In a surprising move, Microsoft has just released emergency patches for out-of-mainstream-support versions of Windows (XP, 8, and Server 2003) to address this vulnerability.

Sources: Our previous coverage linked above as well as reports from the BBC Ransomware cyber-attack threat escalating - Europol, Motherboard Round Two: WannaCrypt Ransomware That Struck the Globe Is Back, and Ars Technica WCry is so mean Microsoft issues patch for 3 unsupported Windows versions.

What actions, if any, have you taken to protect your Windows machine(s) from this threat? How up-to-date are your backups? Have you tested them? If you are a sysadmin, how concerned are you about what you will be facing at work on Monday?


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Insightful) by aristarchus on Tuesday May 16 2017, @02:39AM (1 child)

    by aristarchus (2645) on Tuesday May 16 2017, @02:39AM (#510358) Journal

    Linux is not an instant cure. Most of the protection is just because the most popular attack surface is in M$ Land. You really think that will last?

    Yes? Now, why do I think that? Should I stay on my high horse? Unix is a networked operating system, by design, from the beginning. That means security. Not perfect security, no one is saying that, but much better than a toy operating system that had networking capability cobbled onto it with disastrous results.

      As for the "attack surface" argument, I want to point out that I have a charm in my pocket that wards off tiger attacks. Works like a charm! Why? Because it is one! What would happen if I were to go out, and forgot to bring my anti-tiger attack charm with me? Well, obviously I would be attacked by a tiger! Of course, there are no tigers where I live, or even anywhere even remotely nearby, but it is the charm that does the trick!

      Do I need to make the analogy transparent, without going automotive? Going out without my charm is the equivalent of Linux becoming the dominant operating system, being attacked by a tiger is equivalent to something like WannaCry doing as much damage as it has done by means of Windows. So once again, the horse is not dead, because there is no tiger! (Well, there is one in the zoo, but usually he does not escape, and if he does, you just throw a Windows user in the tiger's path before he gets to you. But again, low odds. Linux is structurally superior to Windows.)

    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 2) by edIII on Tuesday May 16 2017, @02:57AM

    by edIII (791) on Tuesday May 16 2017, @02:57AM (#510368)

    Linux is structurally superior to Windows

    The Death Star was structurally superior to a Star Destroyer, and even the Millenium Falcon (it really was a hunk of junk), but those pesky Bothans still found a fatal flaw :)

    Don't be too proud of that technological terror you've constructed aristarchus :)

    --
    Technically, lunchtime is at any moment. It's just a wave function.