
Thread: Another cyber intrusion...

  1. #1
    almostgone's Avatar
    almostgone is online now AR-Platinum Elite- Hall of Famer
    Join Date
    Jun 2004
    Location
    the lower carolina
    Posts
    26,399

    Another cyber intrusion...

    There are 3 loves in my life: my wife, my English mastiffs, and my weightlifting....Man, my wife gets really pissed when I get the 3 confused...
    A minimum of 100 posts and 45 days membership required for source checks. Source checks are performed at my discretion.

  2. #2
    Join Date
    Sep 2012
    Posts
    4,648
    It is reported to be by Darkside which is a Russian based criminal group.

    My guess is Putin is just using them as a front.

    https://www.bbc.com/news/business-57050690

  3. #3
    tarmyg's Avatar
    tarmyg is offline Knowledgeable Member
    Join Date
    May 2012
    Location
    Sweden
    Posts
    6,968
    Blog Entries
    162
    In regards to Putin I thought this was a super interesting read. Long but good.

    What Putin and Xi Really Want
    https://www.americanpurpose.com/arti...i-really-want/

  4. #4
    almostgone's Avatar
    almostgone is online now AR-Platinum Elite- Hall of Famer
    Join Date
    Jun 2004
    Location
    the lower carolina
    Posts
    26,399
    Quote Originally Posted by tarmyg View Post
    In regards to Putin I thought this was a super interesting read. Long but good.

    What Putin and Xi Really Want
    https://www.americanpurpose.com/arti...i-really-want/
    Good read so far, Tarmyg. I'll dive back into it this evening.

  5. #5
    kelkel's Avatar
    kelkel is offline HRT Specialist ~ AR-Platinum Elite-Hall of Famer ~ No Source Checks
    Join Date
    Sep 2010
    Location
    East Coast Dungeon
    Posts
    30,122
    Quote Originally Posted by almostgone View Post
    Good read so far, Tarmyg. I'll dive back into it this evening.

    Which word stumped you?
    -*- NO SOURCE CHECKS -*-

  6. #6
    almostgone's Avatar
    almostgone is online now AR-Platinum Elite- Hall of Famer
    Join Date
    Jun 2004
    Location
    the lower carolina
    Posts
    26,399
    Quote Originally Posted by kelkel View Post
    Which word stumped you?
    LOL, it was a vowel....

  7. #7
    almostgone's Avatar
    almostgone is online now AR-Platinum Elite- Hall of Famer
    Join Date
    Jun 2004
    Location
    the lower carolina
    Posts
    26,399
    Well, we already have OTR drivers raising hell about fuel prices. One trucker said his fuel costs are up 31% already. He said most OTR guys are kind of keeping each other informed of the availability of diesel and which truck stops are already price gouging.

    I topped off the truck when I got off work this morning around 0215. I had to buy all 3 grades just to get enough to top off the tank.

    Hope this fuel issue doesn't turn into anything worse than it is now.

  8. #8
    tarmyg's Avatar
    tarmyg is offline Knowledgeable Member
    Join Date
    May 2012
    Location
    Sweden
    Posts
    6,968
    Blog Entries
    162
    Quote Originally Posted by kelkel View Post
    Which word stumped you?
    Are you done with the fun move yet or did you get stuck moving your favorite hamstring equipment? :-)

  9. #9
    kelkel's Avatar
    kelkel is offline HRT Specialist ~ AR-Platinum Elite-Hall of Famer ~ No Source Checks
    Join Date
    Sep 2010
    Location
    East Coast Dungeon
    Posts
    30,122
    Quote Originally Posted by tarmyg View Post
    Are you done with the fun move yet or did you get stuck moving your favorite hamstring equipment? :-)
    Oh it was unbelievably horrible. And yes, I brought the Icarian with me. Still not using it, I just give it stink eye.
    Legs in a couple minutes actually and I won't say a word to it.

  10. #10
    Beetlegeuse's Avatar
    Beetlegeuse is offline Knowledgeable Member
    Join Date
    Mar 2013
    Posts
    2,575
    In this day and age there is no excuse for not keeping verified backups of all mission-essential data. None. Which means you take the data offline and test it for malware before archiving it OFF LINE (and preferably OFF SITE). Storage memory is just too damn cheap not to be taking advantage of it.

    Administrators forget that their first obligation is to the ones and zeroes (1s and 0s) stored on those damn drives. I practice better information security in my home than most of these yahoos do in the workplace.

    Whether it's more expensive than paying the ransom isn't the point. The point is that if you remove the profit motive, they move on to some other way to extort money from people. Rewarding them for doing wrong to you is a non-starter. We should be tracking them down and zipping them up in body bags.


    But then I have a rather liberal viewpoint of what should constitute a "capital" offense. This is a matter of national security. They should round these fuckers up and ship them to Gitmo and let them hang by their heels for the next 20 years.

  11. #11
    almostgone's Avatar
    almostgone is online now AR-Platinum Elite- Hall of Famer
    Join Date
    Jun 2004
    Location
    the lower carolina
    Posts
    26,399
    Quote Originally Posted by Beetlegeuse View Post
    In this day and age there is no excuse for not keeping verified backups of all mission-essential data. None. Which means you take the data offline and test it for malware before archiving it OFF LINE (and preferably OFF SITE). Storage memory is just too damn cheap not to be taking advantage of it.

    Administrators forget that their first obligation is to the ones and zeroes (1s and 0s) stored on those damn drives. I practice better information security in my home than most of these yahoos do in the workplace.

    Whether it's more expensive than paying the ransom isn't the point. The point is that if you remove the profit motive, they move on to some other way to extort money from people. Rewarding them for doing wrong to you is a non-starter. We should be tracking them down and zipping them up in body bags.


    But then I have a rather liberal viewpoint of what should constitute a "capital" offense. This is a matter of national security. They should round these fuckers up and ship them to Gitmo and let them hang by their heels for the next 20 years.
    I can't believe that any inserted or modified coding isn't automatically pushed to a virtual "sandbox" for containment and ransomware forensics before assimilation.

    And, agreed, never pay the ransom. It creates a self-sustaining scam.
    Last edited by almostgone; 05-11-2021 at 11:59 PM.

  12. #12
    almostgone's Avatar
    almostgone is online now AR-Platinum Elite- Hall of Famer
    Join Date
    Jun 2004
    Location
    the lower carolina
    Posts
    26,399
    I guess they now fall into the cyber-terrorist classification. Perhaps they'll treat them as such if there's a successful snatch and grab.

  13. #13
    almostgone's Avatar
    almostgone is online now AR-Platinum Elite- Hall of Famer
    Join Date
    Jun 2004
    Location
    the lower carolina
    Posts
    26,399
    ....and of course this want part of the problem. :



    https://www.foxbusiness.com/technolo...osoft-exchange


    Someone in their IT department is probably going to take the fall. I have the feeling Colonial may have ignored their "head shed" cyber security group. Pfft....like you said, B, they probably thought it wasn't worth the expenditure.
    Last edited by almostgone; 05-12-2021 at 12:47 AM.

  14. #14
    Beetlegeuse's Avatar
    Beetlegeuse is offline Knowledgeable Member
    Join Date
    Mar 2013
    Posts
    2,575
    Quote Originally Posted by almostgone View Post
    Someone in their IT department is probably going to take the fall. I have the feeling Colonial may have ignored their "head shed" cyber security group. Pfft....like you said, B, they probably thought it wasn't worth the expenditure.
    That would be the expedient thing to do but I could never in good conscience send "most likely culprit" to the gallows. The greatest vulnerability is always posed by administrators' habits, not by outdated software. My money's on somebody opening an attachment they shouldn't have, or playing some game they got "free" online on a server. But claims of vulnerable software make for a better headline.

  15. #15
    Hughinn is offline Banned
    Join Date
    Sep 2020
    Posts
    864
    Quote Originally Posted by Beetlegeuse View Post
    That would be the expedient thing to do but I could never in good conscience send "most likely culprit" to the gallows. The greatest vulnerability is always posed by administrators' habits, not by outdated software. My money's on somebody opening an attachment they shouldn't have, or playing some game they got "free" online on a server. But claims of vulnerable software make for a better headline.
    Not only does it make for a better headline, it pulls responsibility away from the highest level people who were ultimately responsible.

  16. #16
    Beetlegeuse's Avatar
    Beetlegeuse is offline Knowledgeable Member
    Join Date
    Mar 2013
    Posts
    2,575
    Ransomware gang says D.C. police won’t pay $4 million demand, begins leaking files

    Hackers leak alleged police data and screenshots of their failed negotiations.

    A group of cybercriminals have begun leaking what it claims to be internal law enforcement files after Washington, D.C.’s Metropolitan Police Department was targeted with ransomware last month....

    ... The files leaked thus far, according to VICE, surround “background investigations” on nearly two dozen officers and includes “psychological evaluations, polygraph responses, supervisor interviews, their credit history, information about their home, their social security numbers, date of birth, personal emails, home address, phone numbers, their driver’s licenses, financial details, and their handwritten signatures.” ...



    They need to find these perps, kill them, hide the bodies and tell God they died from the Chi-Com flu.

  17. #17
    almostgone's Avatar
    almostgone is online now AR-Platinum Elite- Hall of Famer
    Join Date
    Jun 2004
    Location
    the lower carolina
    Posts
    26,399
    Quote Originally Posted by Beetlegeuse View Post
    Ransomware gang says D.C. police won’t pay $4 million demand, begins leaking files

    Hackers leak alleged police data and screenshots of their failed negotiations.

    A group of cybercriminals have begun leaking what it claims to be internal law enforcement files after Washington, D.C.’s Metropolitan Police Department was targeted with ransomware last month....

    ... The files leaked thus far, according to VICE, surround “background investigations” on nearly two dozen officers and includes “psychological evaluations, polygraph responses, supervisor interviews, their credit history, information about their home, their social security numbers, date of birth, personal emails, home address, phone numbers, their driver’s licenses, financial details, and their handwritten signatures.” ...



    They need to find these perps, kill them, hide the bodies and tell God they died from the Chi-Com flu.
    Yep, make some kind of an example out of them. Label it as cyber-terrorism and shuttle them off to an unnamed facility. That would provide some form of deterrence.

  18. #18
    Hughinn is offline Banned
    Join Date
    Sep 2020
    Posts
    864
    The irony of it is, the same people howling "Putin hacked the pipeline" are the same people saying it wasn't possible the Chinese hacked the voting machines.


  19. #19
    Fluidic Kimbo's Avatar
    Fluidic Kimbo is offline Morale Officer (de facto)
    Join Date
    Jul 2009
    Posts
    3,701
    The public health service in Ireland is currently under a cyber ransomware attack. Doctors do not have access to scan results and so lots of procedures have been cancelled. Cancer patients not getting radiation therapy. Doing a ransomware attack on something like Amazon or Lamborghini is one thing, but to target an entire country's health system is pure evil.

  20. #20
    Hughinn is offline Banned
    Join Date
    Sep 2020
    Posts
    864
    Quote Originally Posted by Fluidic Kimbo View Post
    The public health service in Ireland is currently under a cyber ransomware attack. Doctors do not have access to scan results and so lots of procedures have been cancelled. Cancer patients not getting radiation therapy. Doing a ransomware attack on something like Amazon or Lamborghini is one thing, but to target an entire country's health system is pure evil.
    You've got to wonder what kind of use that data would have to a foreign adversary or criminal organization.

    Facebook for example in all likelihood sells the information you give them to all sorts of organizations and interests.

  21. #21
    Beetlegeuse's Avatar
    Beetlegeuse is offline Knowledgeable Member
    Join Date
    Mar 2013
    Posts
    2,575
    Looks like the hackers got hacked.


    Servers Of Colonial Pipeline Hacker Darkside Forced Down: Security Firm

    By AFP - Agence France Presse
    May 14, 2021

    Servers for Darkside were taken down by unknown actors Friday, a week after the cyber extortionist forced the shutdown of a large US oil pipeline in a ransomware scam, a US cyber security firm said....

  22. #22
    Fluidic Kimbo's Avatar
    Fluidic Kimbo is offline Morale Officer (de facto)
    Join Date
    Jul 2009
    Posts
    3,701
    Quote Originally Posted by Hughinn View Post
    You've got to wonder what kind of use that data would have to a foreign adversary or criminal organization.

    Facebook for example in all likelihood sells the information you give them to all sorts of organizations and interests.
    I don't think the perpetrators have any interest in the data itself, they just want the public health service in Ireland to pay a ransom (it's probably something like 5 million Euro).

    The Irish government is saying that it won't pay the ransom. If I was in power then I wouldn't pay the ransom either, I reckon it's 90%+ likely that the perpetrators would just take the money and run.

    Cutting off an oil supply is one thing, but these guys are preventing necessary medical procedures to sustain life.

  23. #23
    almostgone's Avatar
    almostgone is online now AR-Platinum Elite- Hall of Famer
    Join Date
    Jun 2004
    Location
    the lower carolina
    Posts
    26,399
    Quote Originally Posted by Fluidic Kimbo View Post
    I don't think the perpetrators have any interest in the data itself, they just want the public health service in Ireland to pay a ransom (it's probably something like 5 million Euro).

    The Irish government is saying that it won't pay the ransom. If I was in power then I wouldn't pay the ransom either, I reckon it's 90%+ likely that the perpetrators would just take the money and run.

    Cutting off an oil supply is one thing, but these guys are preventing necessary medical procedures to sustain life.
    What they are doing is just flat out evil as you stated, Kimbo.

  24. #24
    Hughinn is offline Banned
    Join Date
    Sep 2020
    Posts
    864
    Quote Originally Posted by Fluidic Kimbo View Post
    I don't think the perpetrators have any interest in the data itself, they just want the public health service in Ireland to pay a ransom (it's probably something like 5 million Euro).

    The Irish government is saying that it won't pay the ransom. If I was in power then I wouldn't pay the ransom either, I reckon it's 90%+ likely that the perpetrators would just take the money and run.

    Cutting off an oil supply is one thing, but these guys are preventing necessary medical procedures to sustain life.
    Quote Originally Posted by almostgone View Post
    What they are doing is just flat out evil as you stated, Kimbo.
    Both points are spot on.

    But, that data has a value is my point. And that value isn't just determined by one source. For example, like FK points out it's worth a ransom. But yet, it's also worth a lot to identity theft, scam artists and any number of criminals or hostile foreign actors.

    I'm an old school type guy, and always thought that a government had a responsibility to protect the liberty and privacy of its citizens.

  25. #25
    Fluidic Kimbo's Avatar
    Fluidic Kimbo is offline Morale Officer (de facto)
    Join Date
    Jul 2009
    Posts
    3,701
    Quote Originally Posted by Hughinn View Post
    Both points are spot on.

    But, that data has a value is my point. And that value isn't just determined by one source. For example, like FK points out it's worth a ransom. But yet, it's also worth a lot to identity theft, scam artists and any number of criminals or hostile foreign actors.

    I'm an old school type guy, and always thought that a government had a responsibility to protect the liberty and privacy of its citizens.
    I don't know the full details of the cyber attack, and I don't know if the perpetrators even ever had access to any private data. Maybe the perpetrators have just done something simple like disabled the login system, so that doctors cannot log in with their username and password to see scan results.
