Cyberattack!
Table of Contents
Casino Follies
There's not much word about computer viruses these days, but we are hearing a lot about cyber attacks, like ransomware, which can be a type of virus, and data breaches. Caesars Palace, owned by Vici Properties and operated by Caesars Entertainment, was hit up for about $15 mil. (which it looks like is covered by insurance). Caesars sez...
...we determined that the unauthorized actor acquired a copy of, among other data, our loyalty program database, which includes driver’s license numbers and/or social security numbers for a significant number of members in the database.
MGM, which owns a number of Strip resorts, was blitzed with frozen digital card keys for guest rooms. Guests had to pay cash at casino venues like restaurants as credit card systems were unavailable. Slot machines, ATMs and the company’s web site were all taken down, and e-mail blocked.
Know that it could be a pity play, or a scam. Why though? Inside job for insurance payoff is the first thought that comes to mind. We can't rule out the scum casinos themselves selling your data for big $$$, then claiming it was stolen. Making the pity play could occur when they screw up their own systems, by not properly designing them, and doing improper maintenance (cheaping out). Then, when a security breach is an easy hack done by script kiddies, that becomes public, they make it look like it's a big "international cybercrime ring," misdirecting and blowing it out of proportion. Then, they have deniability and potential insurance payoffs.
Viruses, Worms
Let's look back at a couple oldies but goodies.Love Letter for You
This old hack, or "worm," is from May, 2000. I was working at a company where we all got this "Love Letter" script in an email. The title of the mail was, "ILOVEYOU," and of course everyone in the office clicked on the attachment in it, "LOVE-LETTER-FOR-YOU.txt.vbs," and it promptly brought the server — and company — down. This was just a simple script file .VBS attachment (on a Microsoft system, of course), but it did a number on thousands of businesses. VBS stands for Visual Basic Script, and it can run commands on a computer within Windows or Internet Explorer (actually through another program that executes the commands). This sort of thing is called a worm because it "burrows in" and causes destruction.
At least the script, which one could print out and examine, was useful to identify the tricks they used to make your machine delete important files and the like. Certainly it made it very easy to potentially set up blocks against that kind of behavior.
Then a message was sent around, after the fact, to not click on unknown email attachments, no doubt sent by one of the people who blindly clicked on it. Actually, this was a problem with the server/network people. Even back then, they should have been able to implement a patch that disallowed people from running scripts in attachments. It's silly to try to say, "Don't do that!" when it flies in the face of a routine operation. We click on things left and right, willy-nilly, and nothing bad usually happens. Or, we may be in a hurry. We don't take time to ponder and philosophize over every minor routine action we take. And the system was restored from backup, so, hopefully some good came of it if that point of attack was addressed.
Another thing fake news is doing, which shows it is utterly insane, is running back to the old fall guy, North Korea, again, now blaming it for the virus! Nice to have your "go-tos," along with Russia and, sometimes, the People's Republic of China.
WannaCry
The Telegraph, a big Brit newspaper had, "in tact" for "intact" on its website in an article on this topic, and "encryted," for "encrypted." So these Bozos can't even run a spell checker on their pathetic attempts at news? They can't even do their alleged jobs at a minimal standard.
Anyway, the article was about the WannaCry hostageware. I was trying to find some details on how people got infected by it. Did they open an attachment? (Which doesn't mean "open," exactly, but run, it automatically.) Did they open a website and click something there? That is the meat of the issue. It shouldn't have to be explained, again and again, to the so-called "explainers."
What specific machine makes/brands, architecture and operating systems were these infected machines running? What was the consequence — what happened on the machines when the "WannaCry" virus program was run?
It's appalling how outright stupid every source on the web that talks about this topic is. I'm talking about even the sites that are devoted purely to computing/IT topics! Not one of them that I found, among about 10-20 I scanned, provided the basic information necessary to be valid and useful! Not one concrete, descriptive example of the virus's effects or example of damage control was given.
It isn't news if they just say, "Some people got infected by ransomware," tell a few tales out of school, and leave it at that. It's not even good gossip.
Apparently, this was an NSA-produced virus. Yes, the government created it, by their own admission, according to various stories, as part of a "hacking toolset." But it doesn't admit to "releasing it." It blames that on some "hackers," who got into its servers. Ridiculous. And more ridiculous, those who believe that line. Even if it were true, the NSA was willfully negligent in not informing Microsoft of the exploit. But of course Microslop (heh-heh) and the NSA work hand-in-hand.
It may even be "fake news," and the virus did not even exist, but merely served to get people to panic and run software like Windows updates, "virus protectors," and the like, and infect themselves that way. You can just see the way they'll spin it to themselves, too, "Oh, I installed all the protection and updates, but I was just too late, and it got me, before I managed to act!"
I've warned against Windows in the past, and once more, people are played for fools and suckers for using that piece of trash.
Of course, these people are the same ones that will have their "anti-virus software" all up to date, and get infected anyway, and still not see the light, that it's all a big scam.
What to Do?
Here's a valuable tip. I was wondering why everyone is getting computer viruses all the time. I rarely get them, if ever, and I don't bother with those phony "virus checker" programs. (I think people are starting to realize that the virus checkers can only check after the fact, after someone has already gotten the virus and reported it to the company.) You know, it wouldn't be surprising if some OS (operating system) manufacturers just blame things on viruses to cover up their own stinky tracks. Switching to a Linux-based OS helps too, of course.
But when it comes down to it, it must be that people are getting suckered by those downloaded executables. If you've downloaded a file thinking you were getting a movie or song and you've gotten an executable (.exe) file, don't run it. It's simple as that. It's not a movie or song or document if it's not an .mp3, .mp4 or .pdf, or .vid or other known media format. It doesn't matter how good it looks, or if they say, "Run this to install your download," or whatever, don't run these oddball .exe files you'll get sometimes when you think you're getting something else! Now this doesn't mean executables you download from a known entity, say like your browser company or Adobe Reader or such, of course, but anything else is suspect.
This is probably 90% of the "virus" problem — self-inflicted, but they don't tell you the truth, since they want to sell their product.
Samba
There have other ways of buggering you, though. I have encountered a problem with Samba, a file sharing utility for Linux and Windows. It seems to provide an open gateway for hackers into your system, if you use it. I was using it for file transfers, between two of my personal machines, and found afterwards that someone had gotten in and locked my files, in the directories where I'd enabled sharing! By setting files as unshared, and turning off Samba, though, I've had no further problems. Another something to be aware of.
Comments