Zathrus~SPARTA~ Posted May 18, 2017 Share Posted May 18, 2017 (edited) Hello all, I thought some of you might find the page I am going to link below interesting. It is essentially a world map that is tracking in real time, all actual attacks on all networks. It is the type of page Engineers tend to like.... As an example here is the map displaying the "WannaCry" ransomware attack today 05/18/2017: Below that you can watch a graph that is tracking actual numbers based on time and individual attacks... or the sum of all attacks. This is a graph of the last hour of "wannacry" attacks only as I write this. You can see, that even though they have been battling this attack for almost 7 days, it is still not under control. This current ransomware attack is exactly why I oppose any intelligence agency asking any entity for the key to their base code encryption. One of the reasons the current attack (the malware is called "WannaCry Malware") is being so successful is not only is it using the standard phishing email entry system typically used... but also, it uses a second method of infection which is called the "EternalBlue Exploit". The EternalBlue Exploit is believed by most security firms to have been developed by the NSA since it was released only after hackers broke into the NSA and published a bunch of classified materials. Apparently "EternalBlue" is within those classified materials. The fact is, once you have given anyone the key to your base code encryption.... eventually everyone with an internet connection has access to the key to your encryption... that is how the internet works. No entity of any kind (not corporations, individuals, govs. etc.) should ever be asked for the keys to their base code encryption. When we do force someone to provide this... It means that system is now at the mercy of whoever happens to be holding the keys... which could be anyone with access to the internet. Here is the website the pictures above were taken from: https://intel.malwaretech.com/ Edited May 18, 2017 by Zathrus~SPARTA~ 1 Link to comment Share on other sites More sharing options...
Rocky Posted May 18, 2017 Share Posted May 18, 2017 Cool site. Link to comment Share on other sites More sharing options...
MH6~SPARTA~ Posted May 20, 2017 Share Posted May 20, 2017 Yeah fun times. Pretty sure WannaCry is the cause of all of our Windows 2003 servers bluescreening the past few weeks--fun fact, WannaCry is pretty terrible, coding wise, and can't actually infect XP/2003 based machines, and will instead either do nothing or cause bluescreens. So not sure if that is what was causing our issues, but it makes sense. So I blocked the SMB ports on our firewall and we have started up new Windows 2012 servers to replace the aging machines. Link to comment Share on other sites More sharing options...
Zathrus~SPARTA~ Posted May 20, 2017 Author Share Posted May 20, 2017 yes, wannacry cannot infect anything from windows 7 forward... but the problem is we have millions of "legacy" business systems running older stuff.. For those of us with newer operating systems... remain vigilant... it is only a matter of time and effort on hackers part. Link to comment Share on other sites More sharing options...
Recommended Posts