Page 2 of 6 FirstFirst 1234 ... LastLast
Results 11 to 20 of 56

Thread: windows under attack! May 2017

  1. #11
    Senior Member
    Join Date
    May 2012
    Location
    Kent
    Posts
    400
    Quote Originally Posted by nukecad View Post
    Come on, if this was deliberately targeted at the NHS then it would be asking for millions.
    I don't believe it was a deliberate attack on the NHS. Never suggested it was.

    As you say if it was they would asking for more. Again, as you say outdated software allows such a virus to spread easily and quickly. It will bring some overdue attention to the issue of cyber crime and the potential consequences.
    No single thing can define me; not my work, not my politics, not my hobbies, not my vices and not my disability. I'm way more complex than that!

  2. #12
    Senior Member Lighttouch's Avatar
    Join Date
    Mar 2011
    Location
    Manchester
    Posts
    3,552
    In my opinion big organisations should be working from the 'cloud'.

    Each computer would be running the latest software on the latest system software with the latest security patches. This would have protected them from ransom attacks.

    Apple OS System software is seldom under attack as only 5 or 10% of computer users are Apple Mac users- its not worth attacking the OS system software.

  3. #13
    Senior Member nukecad's Avatar
    Join Date
    Jun 2014
    Location
    West Cumbria (Lake District)
    Posts
    4,799
    Well things have/are settling down now. No doubt we'll find out more as time passes and the tech heads get to work on it.

    As suspected it was a Wannacryptor variant combined with the Eternalblue worm that formed the attack.
    Both of these are known about, and up to date security software would have stopped them.
    http://www.wired.co.uk/article/wanna...tor-ransomware

    The problem with large organisations like the NHS is that they have a lot of machines to update.
    They don't trust their users, don't trust the cloud, and don't even trust Microsoft, so tend to put updates off for a few months, leaving them vulnerable as they have just found out.

    The first thing to say is that your health records (or anything else) have not been stolen.
    Ransomware does not steal anything, it just encrpts what is there so that you can't read it.
    (Which is one reason why you should always have your files backed up on a removable drive).

    Hopefully the NHS had off-site backups of the files that got encrypted, otherwise they are in real trouble now.
    Some more recent files (from Friday morning) will probably not have been backed up, and will probably be lost altogether

    The second thing to say is that your home computer is most likely safe against this particular attack.
    It was computers on large networks, with out of date security, that were affected.
    (It was the worm element that spread the ransomware across the networked computers).

    What can you do to be sure you dont get a nasty like this?
    • Don't click on any (unknown) links in any emails. If in doubt don't click any link in an email.
    • Make sure your anti-virus and anti-malware programme definitions are up to date. (There will be a '"Check for Updates" button - use it. And turn on automatic updates, if you are not sure then check on google where to find it for your AV).
    • If you have an earlier version than Windows 8.1 then make sure that you do have an Anti Virus installed. (8.1, & 10 use Windows Defender AV unless you have a 3rd party AV installed, so they are always protected).
    • Don't try to run 2 different Anti-Virus programmes at once, they will clash and leave you vulnerable.
    • But do consider getting 'layered' protection by installing Anti-malware as well as (or instead of) your Anti-Virus.



    This may be slightly against forum advertising rules, but I feel it is warranted at the moment.
    Take a look at "Malwarebyres3" Anti-Malware.
    This will run alongside your existing Anti-Virus and works in a diferent way to protect you.

    AV's usually check files against a list of already know viruses, MBAM3 looks for things actually trying to do something they shouldn't on your computer.
    So it can stop malware that has never been seen before and is not on any list - what is known as a Zero Day attack.
    Some people have actually replaced their paid for AV completely with MBAM3, others run both side by side.
    The usual set up seems to be having Windows Defender as the AV with MBAM3 as the AM.

    There is a 14 day trial, after which it costs £30/year for full protection or you can keep it for free and just use it as a manual scanner once a week or so. (Obviously you need the paid for version for the real-time protection).
    https://www.malwarebytes.com/trial/

    More about MBAM3
    https://forums.malwarebytes.com/topi...ked-questions/

    Disclaimer- I have no connection with Malwarebytes, (other than using their programmes). Other Anti-Malware is available.
    Last edited by nukecad; 05-13-2017 at 12:50 PM.
    I'm intelligent enough to know that I don't know everything.
    But I'm good at searching for, and finding, stuff.


    Migration from ESA to Universal Credit- Click here.

  4. #14
    Senior Member
    Join Date
    Sep 2013
    Posts
    453
    and Spybot search and destroy along with CCleaner for the registry tool............. I use Bitdefender along with these

  5. #15
    Senior Member nukecad's Avatar
    Join Date
    Jun 2014
    Location
    West Cumbria (Lake District)
    Posts
    4,799
    Quote Originally Posted by stree View Post
    and Spybot search and destroy along with CCleaner for the registry tool............. I use Bitdefender along with these
    Be very careful using the registry cleaner in CCleaner (or any other registry cleaner), if you don't know just what your doing you could make your machine unusable.
    Many have 'bricked' their computers in the past by just blithely using it without knowing what they were doing.

    Registry cleaners are a tool to be used by a technician when fixing problems on a computer.
    Using one yourself will not make your computer run any faster, (Despite what some of them claim).

    The best advice on Piriforms own website is not to use any registry cleaner at all with Windows 10.
    Win 10 gets updated so often that the registry cleaner may not recognise something, and delete a vital registry key.

    Just using the file cleaner in CCleaner is safe, and indeed recommended, but registry cleaners can get you into big trouble.
    Last edited by nukecad; 05-13-2017 at 02:14 PM.
    I'm intelligent enough to know that I don't know everything.
    But I'm good at searching for, and finding, stuff.


    Migration from ESA to Universal Credit- Click here.

  6. #16
    Senior Member nukecad's Avatar
    Join Date
    Jun 2014
    Location
    West Cumbria (Lake District)
    Posts
    4,799
    Microsoft have now confirmed that Windows 10 was not targeted by any of yesterdays attacks.
    (It was already protected against them).

    They have also taken the unusual step of providing a security patch for older machines, including Windows XP which has been out of security support since April 2014. (But was the main OS attacked at the NHS who still run this outdated OS on many PC's).
    There is also a Security Update for Windows 8 which is also out of automatic security support. (8.1 still gets automatic support).
    Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download (see links below).
    You can find the full article, and the Security Update if you need it for XP or Windows 8 (NOT needed for 8.1), here:
    https://blogs.technet.microsoft.com/...crypt-attacks/
    Last edited by nukecad; 05-13-2017 at 12:56 PM.
    I'm intelligent enough to know that I don't know everything.
    But I'm good at searching for, and finding, stuff.


    Migration from ESA to Universal Credit- Click here.

  7. #17
    Senior Member
    Join Date
    Sep 2013
    Posts
    453
    Quote Originally Posted by nukecad View Post
    Be very careful using the registry cleaner in CCleaner (or any other registry cleaner), if you don't know just what your doing you could make your machine unusable.
    Many have 'bricked' their computers in the past by just blithely using it without knowing what they were doing.

    Just using the file cleaner is fairly safe, but registry cleaners can get you into big trouble.
    The CCleaner one is a cleaner...yes.......but the scan for issues tool just brings up unused and obsolete entries that can be safely deleted.
    Your comment that machines were bricked by those who did not know what they were doing does not make the tools bad, just the users that are not fit to be using them. There is little protection against users unable to think.





    I will add here that I have had more than a few ransomware attacks, but got rid of them in seconds..........How?
    When you get the page pop up that informs you that the ransomware is onboard, on a win PC, press alt-ctr-delete to bring up taskmaster, go to "Processes" scan the list and when you see the ransomware highlight it the go to bottom right corner to box named "end process" and click..............Ransomware gone.............
    This is MS recommended practice.
    Last edited by stree; 05-13-2017 at 02:26 PM.

  8. #18
    Senior Member nukecad's Avatar
    Join Date
    Jun 2014
    Location
    West Cumbria (Lake District)
    Posts
    4,799
    Quote Originally Posted by stree View Post
    Your comment that machines were bricked by those who did not know what they were doing does not make the tools bad, just the users that are not fit to be using them. There is little protection against users unable to think.
    Agreed, I have edited my post above to explain it a bit more.

    I have suggested before today that the reg. cleaner be moved into the 'Advanced' section so that unsavvy users are not tempted.
    I'm intelligent enough to know that I don't know everything.
    But I'm good at searching for, and finding, stuff.


    Migration from ESA to Universal Credit- Click here.

  9. #19
    Senior Member nukecad's Avatar
    Join Date
    Jun 2014
    Location
    West Cumbria (Lake District)
    Posts
    4,799
    Interesting article from 2 years ago, when the government decided not to buy extended security support for XP computers.
    https://www.theguardian.com/technolo...p-support-ends
    The Government Digital Service will not extend its £5.5m deal with Microsoft to extend support for Windows XP, leaving government computers that still run on the obsolete operating system at risk from hackers.

    The service said ending the support meant “weaknesses that are found in unsupported products will remain unpatched and will be exploitable by relatively low-skilled attackers”.
    Wonder how much that decision has cost them this weekend?
    I'm intelligent enough to know that I don't know everything.
    But I'm good at searching for, and finding, stuff.


    Migration from ESA to Universal Credit- Click here.

  10. #20
    Senior Member
    Join Date
    Sep 2013
    Posts
    453
    Good idea
    Every key press has an action and consequences, some easily reversed, others not..Very risky to sometimes just "try something"

Similar Threads

  1. Windows 10 is here (nearly) and its FREE
    By nukecad in forum ICT news and events
    Replies: 130
    Last Post: 10-28-2017, 07:19 AM
  2. Windows 7 to Windows 10 upgrade
    By mcclonk in forum News and general discussion
    Replies: 36
    Last Post: 07-13-2016, 10:04 AM
  3. Another attack on disabled by nasty Tories
    By dvk01uk in forum News and general discussion
    Replies: 0
    Last Post: 03-12-2016, 07:27 AM
  4. feeling like your going to have a heart attack
    By skelly in forum Health - help & advice on health issues for disabled people
    Replies: 13
    Last Post: 06-13-2013, 04:26 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •