
[Updated] Huge cyberattack is happening right now, up to 1000 companies might be affected worldwide

Master Disaster
8 hours ago, Kisai said:

That's because a lot of security is an after-thought, and especially with companies outsourcing to companies who have no loyalty to their client or country.

 

eg, (big company) - outsources to *** , who uses their offices in a cheaper-labor country, which in turn outsources back to a local company in the country and that company in turn outsources to a small company in the city the big company operates in.

 

Like there are so many middle-men involved that ultimately the Big company doesn't know how many people have access to their systems.

My favorite is hearing of a company (whom I shall not name) hiring a freelance dev from Fiverr based in India to code and install software on their servers. The dumbass in charge granted him Domain Administrator membership.

ROFLMAO.

 

The entire planet is just...so screwed.


6 minutes ago, StDragon said:

The entire planet is just...so screwed.

But server got virus, they always know how to fix it and legit microsoft support!

 

"Never share your password with anyone else, ever" - server loading screen tips for your local gamerTM, since the early 2000s.


17 minutes ago, Quackers101 said:

But server got virus, they always know how to fix it and legit microsoft support!

Frankly these businesses deserve to go under when they pull a stunt like that.

 

There are many companies where at the top they loathe IT because it's inherently a cost center. When you're so good at your job, you hear things like "Nothing is breaking, why do we need to replace it?" because IT was being proactive and budgeting for HW and SW refresh. Or, "IT is always busy fixing this or that, why am I paying so much for so poor results?", because it's understaffed and overworked.

When you're confronted with a business and its owners putting IT in a no-win situation, it's best to find another job and walk away. Such a company is on borrowed time for such short-sighted mismanagement. But the real travesty is when it's the customers that get sucked into a major hacking event because preventive measures and staff training never occurred, because no one at the top cared. 


2 hours ago, StDragon said:

When you're confronted with a business and its owners putting IT in a no-win situation, it's best to find another job and walk away. Such a company is on borrowed time for such short-sighted mismanagement. But the real travesty is when it's the customers that get sucked into a major hacking event because preventive measures and staff training never occurred, because no one at the top cared. 

happens in so many businesses, and sadly not just data and personal information but lives lost.

Sometimes just not understanding danger, or taking known risks, different jobs making you overlook their value in the whole system and trying to force unreasonable demands. Just like certain services trying to force lower costs that are unreasonable and is not lower at all with a lot of other expenses being paid by others or with life. Never rush a job, more so when it's important or even if it feels "unimportant" and having quality equipment.

 

As one sees far too many going along with below decent equipment or practices for far too long, getting used to it or it's that kind of job where you get used to it.

As it's easy for the top or working class to become submissive to certain practices and workloads that might be unhealthy in one way or another.


2 hours ago, StDragon said:

Frankly these businesses deserve to go under when they pull a stunt like that.

 

There are many companies where at the top they loathe IT because it's inherently a cost center. When you're so good at your job, you hear things like "Nothing is breaking, why do we need to replace it?" because IT was being proactive and budgeting for HW and SW refresh. Or, "IT is always busy fixing this or that, why am I paying so much for so poor results?", because it's understaffed and overworked.

When you're confronted with a business and its owners putting IT in a no-win situation, it's best to find another job and walk away. Such a company is on borrowed time for such short-sighted mismanagement. But the real travesty is when it's the customers that get sucked into a major hacking event because preventive measures and staff training never occurred, because no one at the top cared. 

Not only do these companies deserve to go under, they should be held accountable for leaked information or damages done to other parties if applicable. 


29 minutes ago, Quackers101 said:

happens in so many businesses, and sadly not just data and personal information but lives lost.

Sometimes just not understanding danger, or taking known risks, different jobs making you overlook their value in the whole system and trying to force unreasonable demands. Just like certain services trying to force lower costs that are unreasonable and is not lower at all with a lot of other expenses being paid by others or with life. Never rush a job, more so when it's important or even if it feels "unimportant" and having quality equipment.

 

As one sees far too many going along with below decent equipment or practices for far too long, getting used to it or it's that kind of job where you get used to it.

As it's easy for the top or working class to become submissive to certain practices and workloads that might be unhealthy in one way or another.

This is the age old properly Vs cost effective debate. It's usually the higher ups pushing for cheap as possible and in a lot of cases the IT staff are in a no win situation, they're given a budget and have to make tough choices they know are bad because that's the only realistic choice they have within their budget.

 

There's no excuse for negligence and yeah, admins using outdated software or bad password policies deserve all the backlash they get but in a lot of cases they bear the brunt of situations they never would have been in had management not tied one arm behind their backs.

Main Rig:-

Ryzen 7 3800X | Asus ROG Strix X570-F Gaming | 16GB Team Group Dark Pro 3600Mhz | Corsair MP600 1TB PCIe Gen 4 | Sapphire 5700 XT Pulse | Corsair H115i Platinum | WD Black 1TB | WD Green 4TB | EVGA SuperNOVA G3 650W | Asus TUF GT501 | Samsung C27HG70 1440p 144hz HDR FreeSync 2 | Ubuntu 20.04.2 LTS |

 

Server:-

Intel NUC running Server 2019 + Synology DSM218+ with 2 x 4TB Toshiba NAS Ready HDDs (RAID0)


6 hours ago, Master Disaster said:

This is the age old properly Vs cost effective debate.

Sometimes it's just bad practices to stay as competition against other lower cost services etc.

That they might know things are not going to go well, and that they compete against cost they know is due to not so good reasons, while the consumer or buyers that might not care or know about these hidden costs. Sometimes going down to the level of other bad practices that might be just too common in the industry, to stay profitable or compete in their market.

 

From T-shirts to VPNs and so on.


15 hours ago, Quackers101 said:

Sometimes it's just bad practices to stay as competition against other lower cost services etc.

That they might know things are not going to go well, and that they compete against cost they know is due to not so good reasons, while the consumer or buyers that might not care or know about these hidden costs. Sometimes going down to the level of other bad practices that might be just too common in the industry, to stay profitable or compete in their market.

 

From T-shirts to VPNs and so on.

 

Was the same way with industry polluting rivers until regulation was brought in.


34 minutes ago, CarlBar said:

Was the same way with industry polluting rivers until regulation was brought in.

still way too much pollution, as one sees fish and other products be very much harmed to the natural sites being harmed.

And the talked about Sea Water Desalination, one video done by CNBC.

To future reach of even more pollution and when we might hit a breaking point, or if we need new tech to deal with these growing issues.

(PS: plastic aside, there are so many other issues around water pollution that fish is sometimes not recommended as "food")


12 minutes ago, Quackers101 said:

still way too much pollution, as one sees fish and other products be very much harmed to the natural sites being harmed.

And the talked about Sea Water Desalination, one video done by CNBC.

To future reach of even more pollution and when we might hit a breaking point, or if we need new tech to deal with these growing issues.

(PS: plastic aside, there are so many other issues around water pollution that fish is sometimes not recommended as "food")

Pescatarians are reporting mercury poisoning since waters are now so polluted the fish are picking it up and then the people who eat lots of fish get poisoned.


Quote

Mr Biden said he gave Mr Putin a list of 16 critical infrastructure sectors, from energy to water, that should not be subject to hacking.

What? 😄 I guess I don't understand politics...


It always amazes me why all this shit is connected to the internet.


The entirety of my systems are only exposed to the internet with OpenVPN and Apache web servers, hope nothing bad happens. Just updated everything at the cutting edge Debian 10 release.
All my Windows servers are in the intranet.


“It’s not like they forgot to patch something that Microsoft fixed years ago,” Holden said. “It’s a patch for their own software. And it’s not zero-day. It’s from 2015!”

 

12 hours ago, SGT-AMD said:

More info from Krebs on Security:

Certainly interesting …

The direction tells you... the direction

-Scott Manley, 2021

 


44 minutes ago, SGT-AMD said:

They tried to fix a hole in the Titanic....SOS! SOS! SOS!

 

Will be real interesting how many MSPs and customers Kaseya sheds from the fallout of this. Typically an event this egregious can lead to a rebranding, or they sell off and some other RMM provider purchases the company and their remaining clients.


  • 2 weeks later...

Apparently they have received a decryptor from an unknown source and are now able to offer people help getting their files back:

Quote

July 22, 2021 - 3:30 PM EDT

Kaseya has obtained universal decryptor key.

On 7/21/2021, Kaseya obtained a decryptor for victims of the REvil ransomware attack, and we’re working to remediate customers impacted by the incident.

We can confirm that Kaseya obtained the tool from a third party and have teams actively helping customers affected by the ransomware to restore their environments, with no reports of any problem or issues associated with the decryptor. Kaseya is working with Emsisoft to support our customer engagement efforts, and Emsisoft has confirmed the key is effective at unlocking victims.

We remain committed to ensuring the highest levels of safety for our customers and will continue to update here as more details become available.

Customers who have been impacted by the ransomware will be contacted by Kaseya representatives.
 

https://www.kaseya.com/potential-attack-on-kaseya-vsa/

 

Crystal: CPU: i7 7700K | Motherboard: Asus ROG Strix Z270F | RAM: GSkill 16 GB@3200MHz | GPU: Nvidia GTX 1080 Ti FE | Case: Corsair Crystal 570X (black) | PSU: EVGA Supernova G2 1000W | Monitor: Asus VG248QE 24"

Laptop: Dell XPS 13 9370 | CPU: i5 10510U | RAM: 16 GB

Server: CPU: i5 4690k | RAM: 16 GB | Case: Corsair Graphite 760T White | Storage: 19 TB


1 hour ago, tikker said:

Apparently they have received a decryptor from an unknown source and are now able to offer people help getting their files back:

Likely not for free either, wonder how much that cost them


12 minutes ago, leadeater said:

Likely not for free either, wonder how much that cost them

Whatever the cost, I'm sure the calculus in expenditure was still cheaper than taking a sustained hit to their reputation and litigation. But I suspect it's too late to salvage much that's left of it (their reputation and clientele).


35 minutes ago, leadeater said:

Likely not for free either, wonder how much that cost them

According to a Dutch article REvil was selling the tool for €42M and their website has now disappeared as well. I don't know if they bit that specific bullet, but I'm with you they probably have bitten one.


1 hour ago, tikker said:

According to a Dutch article REvil was selling the tool for €42M and their website has now disappeared as well. I don't know if they bit that specific bullet, but I'm with you they probably have bitten one.

Hard to know. REvil was pointed out to be either a privateer, a “volunteer” sort of privateer who did not ask permission from the government, and was merely using the embittered relationship between the US and Russia as a cover to keep them from getting arrested, or an actual government organization though that last is appearing to be quite unlikely. It’s hard to know whether the Russian government actually went after them and didn’t say anything or the group saw it had likely worn out its welcome and rolled up operations. The group as that group appears to be gone ftm. A named group is just an organization though. The individuals that make up that group can still move around and form another one almost exactly the same. One sees that in a lot of iffy political action groups. There was the John Birch Society, then after that was debunked the Moral Majority surfaced, then several other different groups after that one was debunked, but they all had basically the same aim and while their membership was not actually identical they tended to have at least a few of the same members. There's a Shakespeare quote about a rose by another name. Not a new concept. Another company seems to have found a universal key to the ransomware which they are of course selling. Brings up the possibility that the REvil and the company selling the ransomware key are somehow in cahoots. I haven’t heard anything about that but I assume it is or has been looked into.

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.
