
OT: A new "Ransomware" attack...



Microsoft has gone to the extent of publishing a patch for the vulnerability for older, non-supported versions of Windows, including XP, Vista, Windows 8.0, and Server 2003.

This was already patched in the March regular update for later versions.

(This does not totally prevent one from being infected, but it does mean that it doesn't just automatically happen if the worm gets to one's IP address).


Howard Grand|Hamm SK1-73|Kurz PC2|PC2X|PC3|PC3X|PC361; QSC K10's

HP DAW|Epi Les Paul & LP 5-str bass|iPad mini2

"Now faith is the substance of things hoped for, the evidence of things not seen."



There are two common types of ransomware.


The first is "we've stolen your data and will release it unless you pay". Encryption defeats that, but you have to use it.


The second is "we've encrypted your data and won't give it back unless you pay". Incremental backup defeats that, but you have to use it.


There is a third (infrequent) type of "we've changed your login and password" etc. but two-factor authentication usually defeats that as well.


My point? The tools are there, but you have to use them.

Want to make your band better?  Check out "A Guide To Starting (Or Improving!) Your Own Local Band"



The second is "we've encrypted your data and won't give it back unless you pay". Incremental backup defeats that, but you have to use it.

Yep, all of the computers at my office are iMacs running Windows 7 via Bootcamp, but there is no critical data stored on them (for both security and HIPAA reasons). My staff is warned not to use the computer for anything that doesn't have to do with work. If anything gets infected, they get wiped and restored. My own work computer that actually does have critical information? A MacBook Pro that is encrypted, password protected, backed up at three separate locations. Oh, and I still use paper charts; EHRs are bullshit...


Dennis's link is to a news article on the Government-owned Australian TV network. Paranoia in extremis if you figure you are going to be infected clicking on it.


I am OS ATM and it is a big deal in the UK, having locked patients' records and closed down A and E (ER for those in the US).


This version has affected servers in 73 countries so far and has been traced as a mutation of a version released by the CIA according to SKY TV in a morning broadcast today in Europe.


In my day job an earlier version of this got onto a client machine in early March, as best we can tell by it masquerading as a rogue 3rd party printer update that tagged along after a routine Windows update.


We killed it on the client machine, and the heuristic detection of another third party AV killed it before it got any further on our network.


The bottom line is that regular backups on a separately protected backup drive are the only real protection against data locking and loss at this point in time. Plus real time updates to whatever AV you choose to use.


MS AV is a good tool but unfortunately a prime target for exploitation, particularly where overzealous sys admins lock out all updates until they have 'personally' tested them, which so far seems to be the only logical explanation of why the NHS had not applied the MS March security updates.



A misguided plumber attempting to entertain | MainStage 3 | Axiom 61 2nd Gen | Pianoteq | B5 | XK3c | EV ZLX 12P



This topic is now archived and is closed to further replies.
