Toggle sidebar

News Article: That big ransomware attack yesterday

At least the service model kinda jives with the idea that you just own a license to software and not the software itself. No denying it is just another way for the tech world to attach an bank-account-sucking eel to you.
 
  • Like
Reactions: seebell
rgw said:
At least the service model kinda jives with the idea that you just own a license to software and not the software itself. No denying it is just another way for the tech world to attach an bank-account-sucking eel to you.
Click to expand...

I believe Oracle has the Eel Patent
 
  • Like
Reactions: seebell
rgw said:
At least the service model kinda jives with the idea that you just own a license to software and not the software itself. No denying it is just another way for the tech world to attach an bank-account-sucking eel to you.
Click to expand...
They've been saying that for a long time. They're just now starting to make us pay... :)
 
Government forced subscriptions! Note the disclaimer. This is pretty much how regulations work.

https://tante.cc/2017/05/15/dont-just-update/

Software is everywhere. It runs large parts of our economy and structures. In theory, we want it all to be up to date and perfectly supported. In theory, I also would like to have a pet spidermonkey following me around.There are two things we can do.
First: We give entities better tools to estimate the costs of not updating to nudge them in the right direction. The problem with this is that many still will take the cheap road and just hope nothing breaks. Because it’s just software, right? If you don’t touch it, it will run forever!(which is the argument used by many software companies and automation experts to sell that whole shebang).
So we have to go for second: We have to force entities running critical software systems to have support contracts for all relevant software systems. Support contracts that guarantee a certain timeframe in which a patch can be deployed and tested. Support contracts also need to include strategies and processes for major operating system updates. Without that support contract you cannot get insurance for your plant and government entities will shut your plant down. We already force companies to show that they properly handle and maintain other critical parts of their infrastructure (for reasons of public or worker safety or the environment for example), software needs to be included in this.
DISCLAIMER: This legislation would benefit the company I work for because all our customers would be forced to buy a support contract. So take my words with a grain of salt.
Supporting and maintaining software systems needs to be a requirement of being able to run your plant. Because if it’s not legally enforced it will not happen. Believe me, I’ve seen how even big companies maintain their critical assets (after all I work in maintenance) and in more cases than I’m comfortable with the answer is: Not at all.
Click to expand...
 
Anyone not running something like Malwarebytes is asking for it...

Looks like there is enough interest in these wide-spread malware releases that 'fixes' are easy to find for those willing to poke around:

 
Interesting take from arstechnica

https://arstechnica.com/security/20...s-sowing-wiper-not-profit-seeking-ransomware/

Tuesday's massive outbreak of malware that shut down computers around the world has been almost universally blamed on ransomware, which by definition seeks to make money by unlocking data held hostage only if victims pay a hefty fee. Now, some researchers are drawing an even bleaker assessment—that the malware was a wiper with the objective of permanently destroying data.

Initially, researchers said the malware was a new version of the Petya ransomware that first struck in early 2016. Later, researchers said it was a new, never-before-seen ransomware package that mimicked some of Petya's behaviors. With more time to analyze the malware, researchers on Wednesday are highlighting some curious behavior for a piece of malware that was nearly perfect in almost all other respects: its code is so aggressive that it's impossible for victims to recover their data.
In other words, the researchers said, the payload delivered in Tuesday's outbreak wasn't ransomware at all. Instead, its true objective was to permanently wipe as many hard drives as possible on infected networks, in much the way the Shamoon disk wiper left a wake of destruction in Saudi Arabia. Some researchers have said Shamoon is likely the work of developers sponsored by an as-yet unidentified country. Researchers analyzing Tuesday's malware—alternatively dubbed PetyaWrap, NotPetya, and ExPetr—are speculating the ransom note left behind in Tuesday's attack was, in fact, a hoax intended to capitalize on media interest sparked by last month's massive WCry outbreak.
Click to expand...
 
You must log in or register to reply here.

New Posts

Advertisement

Trending content

Advertisement

Latest threads

Top Bottom
Back