In the news

I mean, successive Puerto Rican governments borrowed too much money to try to prop up the economy. I don't see how that's colonialism

That's not really the argument. The UN has been calling PR a colony since the 1950's and it's hard to argue otherwise.

And most Puerto Ricans say they prefer the status quo to statehood or independence

The last vote on this a majority voted for independence but the US Govt still said no.

If it's accurate, what kind of cnuts do this?

http://news.sky.com/story/nhs-trusts-hit-by-cyberattack-10874280

https://twitter.com/fendifille/status/862997621039878145/photo/1

Nice. Payment via bitcoin is pretty niche.

Pretty standard for ransomware

Clearly I've not been held to ransom enough.

I don't think it's targetted at the NHS in particular. Plenty of other large companies are getting hit (Telefonica plus others in UK, Spain and Portugal) from what I've read.

Guess it's an email trojan that has just been released into the wild and been emailed around enough now...

Harder to trace etc.

Unfortunately, the way most people deal with it is to just pay up because the costs of losing the data is often higher than the ransom, making it a very successful tactic.

For somewhere like the NHS the data shouldn't be stored locally, so dealing with ransomware like that should just be a reinstallation process.

If data is held locally and not backed up, this is going to be a painful lesson.

Of course, IT systems/processes at big companies (and places like the NHS) are woeful.

The big problem for them right now (like you say, I would hope the critical/sensitive data is not just scattered across a windows desktop) will be that any affected machines will be out of action.

That's not really the argument. The UN has been calling PR a colony since the 1950's and it's hard to argue otherwise.

It's the argument that The Intercept seemed to be making. I don't disagree that it's a colony, i just disagree that the government's decision to borrow too much is an expression of colonialism.

The last vote on this a majority voted for independence but the US Govt still said no

Somehow the 2012 referendum passed me by - my bad. But the vote was for statehood, not independence.

re: the bitlocker ransomware, I was contracting at a law firm end of last year and they were being emailed attachments with this about 4x a day from various sources.

It seems like there's a dimension to this story that a centralised resource has been affected rather than all local PCs. Some kind of shared patient records system.

Isn't @dubtap NHS?

My brother in law's at NHS Digital in Leeds. Project manager rather than IT but probably not having the best of Friday afternoons. Unless they can't do any work and have gone to the pub already.

"Several organizations have been impacted today by the ransomware variants known as Wannacryptor, WannaCry 2.0, WCry2, or similar names. At this time, none of the infections reported appear to have been introduced via email, though the capacity for such exists, and there have been unconfirmed reports of emerging encapsulation of the executable in a .zip-compressed .js file (sometimes password-protected). This ransomware's distinctive feature and apparent source of intra-organizational spread is its network worm effect, wherein it leverages the intranet to spread itself to other PCs.

Apparently linked to those exploit tools the Shadow Brokers leaked (I think it was to github?) a little while ago. Those affected hadn't patched the exploit.

Looks like they randomly got hit because a. Their computers are running some horribly outdated version of XP and b. Because someone probably opened something they shouldn't have.

The ransom is only $300...

Bitcoin has a $28bn marketcap!

300 per PC but even so, not much overall.

For the record, the NHS programme to move away from XP before it was dropped by Microsoft (and AV companies) was scuppered by government cuts. Thanks brexit.

If I was heavy in to bitcoin, I'd consider selling a good chunk right now

Looks like I'm owed about 18 years of holiday pay.

https://www.theguardian.com/business/2017/may/12/gig-economy-ecourier-admits-denying-courier-employment-benefits

http://www.popularmechanics.com/military/weapons/a19061/britains-doomsday-subs-run-windows-xp/

Uhoh.

Note that's not XP as you and I know it, it's Windows for Warships, which is rather different. It's not being used on the Aircraft Carriers apparently.

It should stop spreading now, someone analysing it found that it had a kill switch. If a specific random looking domain existed then it would stop spreading. A security research found the domain referenced in the payload and registered it before realising it was a kill switch.

Doesn't help anyone that is already infected though, wipe and reinstall for them and hope their data is backed up properly (and they haven't overwritten the good backups with the encrypted files...)

It's going to be fun mopping up after this, maybe it's the wake up call that is required for people to take IT security seriously, and for the NSA to come clean about what else it has in its locker (this malware was based on the stuff stolen from the NSA a few years ago).