Lessons & Advice From The Ransomware Attack

in #news · 7 years ago (edited)

Mainstream news coverage of the recent WannaCry ransomware attack has overwhelmingly focused on the negative human consequences, and speculation about public sector spending to protect vital infrastructure, such as the UK’s National Health Service (see here for latest advice if you’re a patient).

As for the perpetrators, even reputable news services seemingly prefer to focus on the massive international manhunt led by European law enforcement and the FBI.

Missing from all this is the honest explanation of how the ransomware attack came to exist in the first place. This isn’t some conspiracy theory. It’s not me saying “mainstream media = fake news”. It’s just about being honest and keeping your eye on the ball.

I was going to write a long article about this here but, as it happens, at least two places online have covered it well with what I regard as a reasonable level of honesty. I refer to those below: an explainer from the privacy- and security-oriented service ProtonMail and an article from The Intercept.

If you just want the quick version of how it all happened, it’s this:

  • The weekend’s ransomware attack exploits Windows vulnerabilities.
  • The vulnerabilities and methods to exploit them were developed by the National Security Agency (NSA).
  • Instead of alerting Microsoft (who make Windows) to the vulnerabilities, the NSA developed tools to exploit them and kept them secret.
  • Yes, this is the US tax-payer funded NSA working to make US citizens, and those of other countries, less secure. Without a hint of irony, they post online articles about how they “protect the nation”.
  • In the summer of 2016, the NSA themselves were hacked. (This is the agency tasked with keeping the US safe from cyber threats.) Knowledge of how to exploit the Windows vulnerability was stolen by a hacker group, who subsequently published this information online.
  • This allowed others to use the information to launch the attack, as seen this weekend.
  • Despite everything, it appears the NSA still chose not to help Microsoft. The National Security Agency made things less secure, then refused to help.
  • In March 2017, Microsoft seem to have figured out how the vulnerability worked and offered their users a patch.
  • The patch came too late. Many people and businesses failed to update in time, perhaps due to poor security practices, perhaps not, and the ransomware attack worked even in May.
  • In the end, the attack affected computers in 150 countries or more, and paralyzed key services with severe consequences for innocent people, from hospital patients to businesses and travellers.

“Security services” and democracy

(In fairness, I could have put each of security, services and democracy in quotes there.)

In 2013, Edward Snowden’s revelations showed that US tax-payer funded organizations acted illegally to undermine citizens’ privacy without adequate accountability or oversight. For example, they collect, and collaborate with others to collect, huge amounts of private data indiscriminately (SMS messages, emails, and much else besides). The FBI co-opted Yahoo, the email provider, to write code for searching through people’s private emails. Recent leaks revealed a large CIA-driven program to spy on citizens indiscriminately. And those are just the US examples we happen to know about. The UK and other European countries have their agencies acting in similar ways. Who knows what Russia’s or China’s state apparatus is capable of or up to just now.

There is clearly a problem here with how public institutions relate to the security and rights of their own citizens. I urge you not to lose sight of this. Whilst the mainstream news isn’t wrong to describe to us the human consequences of a cyber attack, it is wrong of them to neglect the underlying source of the problem. It is not a lone wolf attacker. The underlying source is unaccountable, state-sponsored agencies with unrivalled capabilities working against, rather than for, the safety of their citizens.

Advice

First and foremost: backup, backup and then... backup.

If ransomware ever affects you, you’ll have no reason to pay for restoring your files if you can do it yourself.

Decent online backup services will provide at least an option, if not a default, that end-to-end encrypts your files. Services such as SpiderOak, Tresorit and BackBlaze encrypt files on your computer before sending them out to the company’s servers. This means that the company never has your data in a readable format, cannot snoop on the contents of your files and also cannot lose it in a readable format or be forced by law to give it to others.

If online services aren’t your thing and you prefer a local solution, try Duplicati, free and open source software that provides backup with optional encryption. It’s excellent stuff, in my opinion, and well-deserving of a contribution.

Note that all encryption-based services and solutions work best with a very strong, unique password. For this it is best to use a password manager. My recommendation is KeePassXC. I will go into the reasons for this in future posts.

Secondly, avoid using Microsoft Windows if you can at all. It’s the most targeted, most vulnerable and least secure available operating system. Of its versions, the absolute worst is Windows XP, for which support ended entirely all the way back in 2014.

Windows 7, 8, 8.1 and 10 all violate your privacy in hideous ways. Mac is a bit better, but really not that much. I will be writing on this in the future, too.

If you’re able to switch to Linux, do it. It’s easier than you think, suits more people than you would expect, and it’s free (as in beer and, often, as in birds).

In any case, whichever operating system you’re using, keep it up-to-date (again: all but impossible for Windows XP). However questionable the ethical practices of Microsoft or Apple may be, these companies are hugely interested in making sure they aren’t perceived as vulnerable. They want to maintain your security (even if not privacy). So accept this fact and update your computer when it says that an update is due.


For more information about the NSA’s role in developing the exploits that made the worldwide ransomware attacks possible, see these excellent articles:

Use Linux Mint or Ubuntu, it's super easy to install and use, even as a novice.
