Global cyber-attack: How roots can be traced to the US
http://www.bbc.com/news/technology-39905509
The huge cyber-attack affecting organisations around the world, including some UK hospitals, can be traced back to the US National Security Agency (NSA) - raising questions over the US government's decision to keep such flaws a secret.
Elements of the malicious software used in Friday's attacks were part of a treasure trove of cyber-attack tools leaked by hacking group the Shadow Brokers in April.
One of the tools contained in the Shadow Brokers leak, codenamed EternalBlue, proved to be "the most significant factor" in the spread of Friday's global attack, according to cyber-security firm Kaspersky Lab.
The tool was said to have been created by the NSA - though, as is typical, the agency has neither confirmed nor denied this.
EternalBlue was made public on 14 April, and while Microsoft had fixed the problem a month prior to its leak, it appeared many high-profile targets had not updated their systems to stay secure.
Explaining the global ransomware outbreak
'My heart surgery was cancelled'
Friday's attack has reignited the debate over whether or not governments should disclose vulnerabilities they have discovered or bought on the black market.
"It would be deeply troubling if the NSA knew about this vulnerability but failed to disclose it to Microsoft until after it was stolen," said Patrick Toomey, a lawyer working for the American Civil Liberties Union.
"These attacks underscore the fact that vulnerabilities will be exploited not just by our security agencies, but by hackers and criminals around the world.
"Patching security holes immediately, not stockpiling them, is the best way to make everyone's digital life safer."
Edward Snowden, who famously leaked many internal NSA files in June 2013, criticised the NSA on Friday in a series of tweets.
"In light of today's attack, Congress needs to be asking [the NSA] if it knows of any other vulnerabilities in software used in our hospitals," he wrote.
"If [the NSA] had privately disclosed the flaw used to attack hospitals when they found it, not when they lost it, this may not have happened."
Outdated systems
However, others focused the blame at institutions for being too slow in updating their systems, given that this attack happened almost two months after a (free) fix was made available by Microsoft.
"Say what you want to say about the NSA or disclosure process," said Zeynep Tufeki, a professor at the University of North Carolina.
"But this is one in which what's broken is the system by which we fix."
For the UK's National Health Service, the problem is perhaps more acute.
Security firms have continually raised alarms about the NHS's reliance on Windows XP, an operating system that is no longer supported by Microsoft.
Cyber-attack: Is my computer at risk?
http://www.bbc.com/news/technology-39896393
Experts are warning that there could be further ransomware cases this week after the global cyber-attack. So, what has happened and how can organisations and individuals protect themselves from such attacks?
What is the scale of the attack?
Ransomware - a malicious program that locks a computer's files until a ransom is paid - is not new but the size of this attack by the WannaCry virus is "unprecedented", according to EU police body Europol.
It said on Sunday that there were believed to be more than 200,000 victims in 150 countries. However, that figure is likely to grow as people switch on their computers on Monday if their IT has not been updated and their security systems patched over the weekend.
There are also many other strains of ransomware which cyber-security experts say they are seeing being given new leases of life.
In the UK, the NHS was hit hard, but by Saturday morning the majority of the 48 affected health trusts in England had their machines back in operation. The NHS has not yet revealed what steps it took.
The malware has not proved hugely profitable for its owners so far. The wallets set up to receive ransom payments - $300 (£230) in virtual currency Bitcoin was demanded for each infected machine - contained about $30,000 when seen by the BBC. This suggests that most victims have not paid up.
Is my computer at risk?
The WannaCry virus infects only machines running Windows operating systems. If you do not update Windows, and do not take care when opening and reading emails, then you could be at risk.
However, home users are generally believed to be at low risk to this particular strain.
You can protect yourself by running updates, using firewalls and anti-virus software and by being wary when reading emailed messages.
Regularly back up your data so you can restore files without having to pay up should you be infected, as there is no guarantee that paying the ransom will result in your files being unlocked.
The UK's National Cyber Security Centre website contains advice on how to apply the patch to stop the ransomware - MS17-010 - and what to do if you can't.
How did the attack spread so fast?
The culprit is malware called WannaCry and seems to have spread via a computer virus known as a worm.
Unlike many other malicious programs, this one has the ability to move around a network by itself. Most others rely on humans to spread by tricking them into clicking on an attachment harbouring the attack code.
Once WannaCry is inside an organisation, it will hunt down vulnerable machines and infect them too. This perhaps explains why its impact is so public - because large numbers of machines at each victim organisation are being compromised.
It has been described as spreading like the vomiting bug norovirus.
Why weren't people protected?
In March, Microsoft issued a free patch for the weakness that has been exploited by the ransomware. WannaCry seems to be built to exploit a bug found by the US National Security Agency.
When details of the bug were leaked, many security researchers predicted it would lead to the creation of self-starting ransomware worms. It may, then, have taken only a couple of months for malicious hackers to make good on that prediction.
It was originally thought that a number of victims were using Windows XP, a very old version of the Windows operating system that is no longer supported by Microsoft.
However, according to cyber-security expert Alan Woodward, from Surrey University, the latest statistics suggest this figure is actually very small.
Large organisations have to test that security patches issued by the provider of their operating systems will not interfere with the running of their networks before they are applied, which can delay them being installed quickly.
Who was behind the attack?
It's not yet known, but some experts are saying that it was not particularly sophisticated malware. The "kill switch" that stopped it spreading - accidentally discovered by a security researcher - may have been intended to stop the virus working if captured and put in what's called a sandbox - a safe place where security experts put computer malware to watch what they do - but not applied properly.
Ransomware has been a firm favourite of cyber-thieves for some time as it lets them profit quickly from an infection. They can cash out easily thanks to the use of the Bitcoin virtual currency, which is difficult to trace.
However it's unusual for an expert criminal gang to use so few Bitcoin wallets to collect their ransom demands - as in this case - as the more wallets there are, the more difficult the gang is to trace.
Global cyber-attack: Security blogger halts ransomware 'by accident'
A UK security researcher has told the BBC how he "accidentally" halted the spread of the malicious ransomware that has affected hundreds of organisations, including the UK's NHS.
The 22-year-old man, known by the pseudonym MalwareTech, had taken a week off work, but decided to investigate the ransomware after hearing about the global cyber-attack.
He managed to bring the spread to a halt when he found what appeared to be a "kill switch" in the rogue software's code.
"It was actually partly accidental," he told the BBC, after spending the night investigating. "I have not slept a wink."
Although his discovery did not repair the damage done by the ransomware, it did stop it spreading to new computers, and he has been hailed an "accidental hero".
"I would say that's correct," he told the BBC.
Cyber-attack scale 'unprecedented'
NHS 'robust' after cyber-attack
"The attention has been slightly overwhelming. The boss gave me another week off to make up for this train-wreck of a vacation."
What exactly did he discover?
The researcher first noticed that the malware was trying to contact a specific web address every time it infected a new computer.
But the web address it was trying to contact - a long jumble of letters - had not been registered.
MalwareTech decided to register it, and bought it for $10.69 (£8). Owning it would let him see where computers were accessing it from, and give him an idea of how widespread the ransomware was.
Owning the web address let MalwareTech monitor where infections were happening
By doing so, he unexpectedly triggered part of the ransomware's code that told it to stop spreading.
This type of code is known as a "kill switch", which some attackers use to halt the spread of their software if things get out of hand.
He tested his discovery and was delighted when he managed to trigger the ransomware on demand.
"Now you probably can't picture a grown man jumping around with the excitement of having just been 'ransomwared', but this was me," he said in a blog post.
MalwareTech now thinks the code was originally designed to thwart researchers trying to investigate the ransomware, but it backfired by letting them remotely disable it.
Does this mean the ransomware is defeated?
While the registration of the web address appears to have stopped one strain of the ransomware spreading from device-to-device, it does not repair computers that are already infected.
Security experts have also warned that new variants of the malware that ignore the "kill switch" will appear.
"This variant shouldn't be spreading any further, however there'll almost certainly be copycats," said security researcher Troy Hunt in a blog post.
MalwareTech warned: "We have stopped this one, but there will be another one coming and it will not be stoppable by us.
"There's a lot of money in this, there is no reason for them to stop. It's not much effort for them to change the code and start over.
https://en.wikipedia.org/wiki/Ransomware
Ransomware is a type of malicious software that carries out the cryptoviral extortion attack from cryptovirology that blocks access to data until a ransom is paid and displays a messagerequesting payment to unlock it. Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse. More advanced malware encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them.The ransomware may also encrypt the computer's Master File Table (MFT) or the entire hard drive.[Thus, ransomware is a denial-of-access attack that prevents computer users from accessing files[ since it is intractable to decrypt the files without the decryption key. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.
What does ransomware do?
https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx
There are different types of ransomware. However, all of them will prevent you from using your PC normally, and they will all ask you to do something before you can use your PC.
They can target any PC users, whether it’s a home computer, endpoints in an enterprise network, or servers used by a government agency or healthcare provider.
Ransomware can:
· Prevent you from accessing Windows.
· Encrypt files so you can't use them.
· Stop certain apps from running (like your web browser).
Ransomware will demand that you pay money (a “ransom”) to get access to your PC or files. We have also seen them make you complete surveys.
There is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again.
Details for home users
There are two types of ransomware – lockscreen ransomware and encryption ransomware.
Lockscreen ransomware shows a full-screen message that prevents you from accessing your PC or files. It says you have to pay money (a “ransom”) to get access to your PC again.
Encryption ransomware changes your files so you can’t open them. It does this by encrypting the files – see the Details for enterprises section if you’re interested in the technologies and techniques we’ve seen.
Older versions of ransom usually claim you have done something illegal with your PC, and that you are being fined by a police force or government agency.
These claims are false. It is a scare tactic designed to make you pay the money without telling anyone who might be able to restore your PC.
Newer versions encrypt the files on your PC so you can’t access them, and then simply demand money to restore your files.
Ransomware can get on your PC from nearly any source that any other malware (including viruses) can come from. This includes:
· Visiting unsafe, suspicious, or fake websites.
· Opening emails and email attachments from people you don’t know, or that you weren’t expecting.
· Clicking on malicious or bad links in emails, Facebook, Twitter, and other social media posts, instant messenger chats, like Skype.
It can be very difficult to restore your PC after a ransomware attack – especially if it’s infected by encryption ransomware.
That’s why the best solution to ransomware is to be safe on the Internet and with emails and online chat:
· Don’t click on a link on a webpage, in an email, or in a chat message unless you absolutely trust the page or sender.
· If you’re ever unsure – don’t click it!
· Often fake emails and webpages have bad spelling, or just look unusual. Look out for strange spellings of company names (like “PayePal” instead of “PayPal”) or unusual spaces, symbols, or punctuation (like “iTunesCustomer Service” instead of “iTunes Customer Service”).
Check our frequently asked questions for more information about ransomware, including troubleshooting tips in case you’re infected, and how you can backup your files to help protect yourself from ransomware.
Details for enterprises and IT professionals
The number of enterprise victims being targeted by ransomware is increasing. Usually, the attackers specifically research and target a victim (similar to whale-phishing or spear-phishing – and these in fact may be techniques used to gain access to the network).
The sensitive files are encrypted, and large amounts of money are demanded to restore the files. Generally, the attacker has a list of file extensions or folder locations that the ransomware will target for encryption.
Due to the encryption of the files, it can be practically impossible to reverse-engineer the encryption or “crack” the files without the original encryption key – which only the attackers will have access to.
The best advice for prevention is to ensure company-confidential, sensitive, or important files are securely backed up in a remote, un-connected backup or storage facility.
DAFTAR HARGA KURSUS KOMPUTER DAN BAHASA INGGRIS SILAHKAN KLIK DIBAWAH
- Kursus Komputer Administrasi Perkantoran Ms. Office Words
- Kursus Komputer Administrasi Perkantoran Ms. Excel
- Kursus Komputer Administrasi Perkantoran Ms. Power Point
- Kursus Komputer Paket Administrasi Perkantoran
- Kursus Komputer Administrasi Perkantoran Alternative Linux System
- Kursus Komputer Administrasi Perkantoran Komputerisasi kearsipan
- Kursus Komputer Administrasi Perkantoran akuntansi
- Kursus Komputer Administrasi Perkantoran Pengelolaan data statistik
- Kursus Komputer Administrasi Perkantoran Internet & E-Office
- Kursus Komputer Desain Grafis Photoshop
- Kursus Komputer Desain Grafis Corel Draw
- Kursus Komputer Paket Desain Grafis
- Kursus Komputer Desain Grafis & Multimedia
- Kursus Komputer Editing Video
- Kursus Komputer Desain Grafis Lengkap (Photoshop,Corel Draw & Page Maker)
- Kursus Komputer Desain Grafis Alternative Linux System
- Kursus Komputer 3D Animation
- Kursus Komputer Macromedia Flash
- Kursus Komputer Desain Arsitektur Autocad 2 Dimensi
- Kursus Komputer Desain Arsitektur Autocad 3 Dimensi
- Kursus Komputer Desain Arsitektur Paket Arsitektur Autocad
- Kursus Komputer Desain Arsitektur Alternative Linux System
- Kursus Komputer Teknisi Komputer Dasar
- Kursus Komputer Teknisi Komputer Lanjutan
- Kursus Pengaturan Software Windows
- Kursus Pengaturan Software Linux
- Kursus Perakitan Komputer
- Kursus Komputer Traffic Management With Mikrotik
- Kursus Komputer Traffic Management With Cisco
- Kursus Komputer Jaringan Komputer Berbasis WIndows
- Kursus Komputer Jaringan Komputer Berbasis Linux
- Kursus Komputer Pemrograman Desain 3D Studio Max
- Kursus Komputer Pemrograman Media Adobe Premiere
- Kursus Komputer Pemrograman Borland Delphi
- Kursus Komputer Pemrograman MYOB
- Kursus Komputer Pemrograman Turbo Cash
- Kursus Komputer Pemrograman S.A.P.
- Kursus Komputer Pemrograman Visual Basic
- Kursus Komputer Pemrograman SQL Server
- Kursus Komputer Pemrograman Clipper
- Kursus Komputer Web Master
- Kursus Komputer Membuat Blog
- Kursus Komputer Pemrograman PHP
- Kursus Komputer Building Web with CMS
- Kursus Komputer Pemrograman Web Design
- Kursus Komputer Pemrograman Dream Weaver
- Kursus Komputer PHP Programming & MYSQL basic
- Kursus Komputer PHP Programming & MYSQL Advanced
- Kursus Komputer Web Design Level 1(Photoshop dan Flash)
- Kursus Komputer Web Design Level 2 (Dreamweaver, CSS, Javascript)
- Kursus Komputer Pemrograman CC++
- Kursus Komputer Pemrograman Java Script
- Kursus Komputer Pemrograman SPSS
- Kursus Komputer Pemrograman Oracle
- Kursus Komputer Pemrograman VB. Net
- Kursus Komputer Project Management With MS. Project Application
- Kursus Komputer Management Information System
- Kursus Komputer System Analyst and Design
- Kursus Komputer Customer Relationship Management
- Kursus Komputer IT Governance
- Kursus Komputer IT Risk Management
- Kursus Komputer Pemrograman Kali Linux
- Kursus Komputer Basic IT Ubuntu
- Kursus Komputer Training Certified Ethical Hacker
- Kursus Bahasa Inggris Elementary I
- Kursus Bahasa Inggris Elementary II
- Kursus Bahasa Inggris Intermediate
- Kursus Bahasa Inggris Post Intermediate
- Kursus Bahasa Inggris Advance I
- Kursus Bahasa Inggris Advance II
- Kursus Bahasa Inggris Conversation
- Kursus Bahasa Inggris English For Business
- Kursus Bahasa Inggris TOEFL I
- Kursus Bahasa Inggris TOEFL II
- Kursus Bahasa Inggris GMAT I
- Kursus Bahasa Inggris GMAT II
kursus komputer di kosambi karawang | tempat kursus di karawang | kursus komputer di karawang barat | tempat kursus komputer di cikampek | raditya komputer kabupaten karawang | lembaga kursus dan pelatihan prisma computer kabupaten karawang, jawa barat | lpk sinergi pusat kursus komputer kabupaten karawang jawa barat | tempat kursus komputer di karawang 2016 | sinergi kursus komputer it training kabupaten karawang, jawa barat | tempat kursus komputer di kosambi karawang | biaya kursus komputer di karawang | kursus komputer bersertifikat di karawang | tempat kursus komputer di karawang | kursus komputer daerah karawang | bimbel jakarta timur kota jakarta timur, daerah khusus ibukota jakarta | bimbel terbaik di jakarta timur | tempat bimbel murah di jakarta timur | bimbel primagama jakarta timur | tempat bimbel di jakarta selatan | tempat les di jakarta timur | bimbel murah dan berkualitas | tempat bimbel murah di jakarta timur | bimbel terbaik di jakarta timur | bimbel murah dan berkualitas | ganesha operation go kota jakarta timur daerah khusus ibukota jakarta | les privat murah jakarta timur | bimbel primagama jakarta timur | bimbel sd di jakarta timur | les privat matematika di jakarta timur | tempat bimbel murah di jakarta timur | bimbel terbaik untuk smp | bimbel jakarta timur kota jakarta timur, daerah khusus ibukota jakarta | bimbel primagama jakarta timur | tempat les di jakarta timur | tempat bimbel di jakarta selatan | bimbel murah dan berkualitas | tempat bimbel terbaik di jakarta | bimbel terbaik di jakarta timur | tempat les di jakarta timur | bimbel jakarta timur kota jakarta timur, daerah khusus ibukota jakarta | bimbel murah dan berkualitas | tempat bimbel di jakarta selatan | bimbel primagama jakarta timur | tempat les murah di jakarta timur | les privat murah jakarta timur | harga bimbel primagama 2018 | biaya bimbel primagama 2018 | biaya primagama | biaya les primagama 2018 | biaya primagama 2018 | brosur primagama 2018 | primagama adalah | biaya bimbel primagama bekasi | tempat bimbel terbaik di jakarta selatan | bimbel murah di jakarta selatan | tempat les yang bagus untuk anak sd | bimbel murah dan berkualitas | bimbel terbaik untuk smp | tempat les bimbel di jakarta barat | tempat les terdekat | tempat bimbel murah di jakarta timur | bimbel terbaik di jakarta timur | les privat murah jakarta timur | bimbel jakarta timur kota jakarta timur, daerah khusus ibukota jakarta | les privat matematika di jakarta timur | tempat les matematika di jakarta timur | bimbel primagama jakarta timur | tempat bimbel di jakarta selatan | bimbel murah di jakarta | biaya bimbel murah | bimbel terbaik untuk smp | bimbel smp | bimbel sma | bimbel sd | bimbel yang bagus untuk anak sd | alamat kursus komputer jakarta timur | kursus komputer kota jakarta timur, dki jakarta | biaya kursus komputer di jakarta timur | lpk trimitsa kursus komputer cililitan, kota jakarta timur, daerah khusus ibukota jakarta | tempat kursus komputer di jakarta | biaya kursus komputer di internusa | kursus komputer jakarta pusat | kursus komputer jakarta utara | |