73 comments

[ 25.5 ms ] story [ 179 ms ] thread
you gotta be a special kind of piece of crap to do that now
Disregard for human life seems to be a pattern of online lulz. I mean, this is on a different scale from "SWATTING" but the same sociopathy, no?
this is much more likely to be a malicious state actor than uncoordinated attacks by random internet idiots
ransomware is not a typical attack from a state actor
How do you know it's not ths Chinese or North Koreans looking for bitcoins? It is documented they do transact in bitcoin on the hacking market a lot.
NotPetya had ties to Russian intelligence, and WannaCry had ties to North Korea. Not saying this is a state actor, just pointing out ransomware is just another tool for them.
Why not both?, using a tactic common among criminals to destabilize the healthcare system and hence the economy
How is this "much more likely to be a malicious state actor"? There is literally nothing about this attack that indicates a state actor.
It’s likely to be a “state actor” for the same reason people like to use the term “state actor”: it’s so much more exciting than the alternative.
Being angry at a particular person and wanting to get them killed is really bad but it's something a lot of people are capable of. Getting a bunch of random people killed to make a quick buck is different.
(comment deleted)
In some cases, people with no hope is used to execute wrong commands. As humanity, we have seen in the past military actions against people without weapons (killing them at times). I do not think the issue is them trying to do bad things, and maybe the point is we are living in a world where there are many more borderlines that are easily recruitable for some dollars.
due to the significant danger posed to the lives of so many I hope they are caught and severely punished. this is not the type of person that you can rehabilitate.
“Rehabilitation” isn’t the opposite of “punishment”. In fact punishment is part of the process of rehabilitation.

If, as you say, rehabilitation is impossible, punishment would be illegitimate. Because we don’t harm people just to satisfy our thirst for revenge.

You have it backwards. The punishment is must be there as a deterrent, regardless of the possibility of rehabilitation.

Otherwise nobody would care whatever a judge decides.

Rehabilitation does not necessarily require punishment, and there are reasons for punishment that are not based on rehabilitation.

It is possible for someone to be rehabilitated on their own as they change, or through someone taking action that is not punishment (explaining the impact of the actions which the person may not have been thinking of, etc).

It's possible to punish someone with no thought as to rehabilitation. Capital punishment is this. The purpose is not to benefit the person in any way, but to benefit society by providing a negative example to others so they don't attempt the same actions (it doesn't matter if you believe it works, this is the purpose it's done).

I would suggest prison as a way of preventing them from doing it again. not to harm them but to prevent them from causing harm.
Is this an individual? Or a team working for an institution?
I have a horrible suspicion that the attacks are continuous and ongoing, but the high stress levels of the present situation make it easier for people to click on the wrong email or link on their XP hospital PCs.
there will be a special lesson after this, because we're in a wide global stress and indeed, when something is overloaded, other issues are felt deeper. It's also a time when people can act foolish and be tempted to be antisocial, so more stupid hacks, more angry people, or even more dormant ennemies trying to benefit.
Accident analysts call this "cascade failure". Something goes wrong, and the safety system intended to deal with it is also broken.
I doubt this simply a shitty person as opposed to a military action by funded institutions.
What's with this conspiracy theory? The average person can pull this shit off, why do you have to "believe" that it's something "funded institutions" (do you not even dare write "state sponsored"?)? What world view do you have that you'd rather have it be a state rather than shitty people? So you can think "$ENEMY_STATE is so fucking evil"?

Maybe it's 1 person, maybe it's organized criminals, do they count as "funded institutions"? Maybe it's a state... but well if you have beliefs, you gotta have the evidence!

We recently (during corona crisis) had attach on strategic Czech hospital too.
Do you have some sort of contact I could reach out for an interview on this?
And, because nation wide state of emergency has been declared few weeks ago, even small law breaking stuff is a crime. So people running these bot networks might not have realized that if caught, penalty can easily be 10x the usual rate.
I expect similar issues at a grander scale to occur in the US if things get to the same level as we see in my home Italy.
I'm not sure an IT attack is a sure fire thing that goes along with healthcare use.
If it's not just utterly sociopathic organized crime, it could be one of the many, many people whose loved ones had to be taken off life support because of insufficient medical supplies and personnel.

I can't imagine that most people would respond this way, but it only takes one or two unreasonably angry people with the right skillset.

Not the GP, but I think they were getting at US facilities being a somewhat more attractive target than Italy's. This is due to both political reasons and simply having more healthcare targets to go after.
Possibly more attractive, although ransomware folks seem to like soft targets.

US healthcare is hardly a panacea of security, but they do put resources into IT. Most of the ransomware targeting seems to be seeking out softer targets, underfunded, etc. I'm not sure US healthcare is immune, but I'm also not sure they're as obvious a target as far as being easy to break into / likely to get a payout.

Son of a bitch, how can humanity sink so low with such ease?
If it is ransomware, I suspect the folks who do that thing made that decision long ago.
There’s a lot of nation state stuff that is just designed to sow chaos.
There are also cyber attacks on food delivery companies: https://twitter.com/jitsegroen/status/1240332307262832642
In all honesty, I think food delivery companies are part of the problem.
it’s better to have a few couriers to many people than many people mingling with many people at restaurants. It’s like logarithmic or linear versus quadratic or exponential spread.
You mean this from a security perspective in their services?
Probably in terms of being potential carriers spreading the disease to the quarantined? I imagine there is a risk there.
(comment deleted)
Keeping people home is helpful.
Buying delivery is one of the few ways I have to try to support local businesses a little bit... I can give generous tips, and I can avoid being infected by putting everything I buy in the oven for a while, or buying things that I know will not pass through many fingers after being cooked.

Yes, it is a risk of infection, but one that you can calculate and do stuff to mitigate.

And in Germany people were sabotaging ambulance tires.

WTF is wrong with people

Probably, and maybe hopefully, crackpots trying to maximize chaos to push their own impaired agenda.
Link?
Don’t recall where I saw it - last couple days news was a blur

Was like 6 parked ambulances with holes drilled in tires in some arb German town

There are powerful, influential people down-playing the seriousness of the epidemic while they unload stock. Pointlessly murder a few people by puncturing ambulance tires or profitably contribute statistically to the death of millions, there seem to be some deeply evil people around.
We will pull together against CoVID, and anyone who takes this chance for criminal gains. For the readers who work in IT and cybersecurity, your actions now will save many lives. Keep calm and carry on.
For those less linguistically inclined, the article is about a spike in Ransomware attacks on the Spanish health system, and the use of Corona Virus websites and emails to spread similar ransomware to the general public.
I suppose the folks whose 'job' is ransomware feels like healthcare systems will be more likely to pay up if already under stress.
Yeah, I suppose so... but ooof some people. I used to work in HealthCare and the IT side of health systems is so stupidly resistant to automated off site backups that this situation was bound to happen somewhere at the worst possible time.
La Policía Nacional detectó este domingo un intento de bloquear los ordenadores de los hospitales españoles mediante el envío al personal sanitario de correos electrónicos con un virus “muy peligroso” con el señuelo de contener información sobre la Covid-19, según ha informado este lunes el director adjunto operativo del cuerpo, el comisario José Ángel González.

La nueva amenaza es un virus informático del tipo ransomware [secuestrador de datos] denominado Netwalker, según detallan fuentes policiales. Este actúa bloqueando todos los archivos del equipo informático para, a continuación, lanzar un mensaje en el que exige el pago de un rescate para el desbloqueo de los mismos.

National Police detected an attempt to lock down the hospital's computers with a "very dangerous" computer virus in emails pretending to contain information about COVID-19, as told by police chief J. A. G.

The new threat is a computer virus of type ransomware called _Netwalker_, as told by police sources. This virus works locking access to all files in a computer and then asking for a ransom to unlock the files.

It goes on to give a generic explanation of ransomware, but there doesn't seem to be much more technical detail in the article.

Some more info from (1): The new Netwalker phishing campaign is using an attachment named "CORONAVIRUS_COVID-19.vbs". Related: Also from (2): APT36 uses two lure formats in this campaign: Excel documents with embedded malicious macros and RTF documents files designed to exploit the CVE-2017-0199 Microsoft Office/WordPad remote code execution vulnerability.

from (3) .Ransomware Gangs to Stop Attacking Health Orgs During Pandemic

(1) https://www.bleepingcomputer.com/news/security/netwalker-ran...

(2) https://www.bleepingcomputer.com/news/security/nation-backed...

(3) https://www.bleepingcomputer.com/news/security/ransomware-ga...

If people die because of these attacks, which seems quite likely, capital punishment should be on the table IMO.
They certainly won't be being invited to any of my dinner parties.
In the apocalypse that they hasten, they might be invited to my dinner party. They might not like how they get served, though. /s
The death penalty was abolished in Spain after the end of the Franco dictatorship in the 1970s.

That, in combination with the universal prohibition of ex post facto legislation, leads to the conclusion that any future where people in Spain are executed for this is a future where a lot more went wrong than just these attacks.

Ransomware is another bad usecase of cryptocurrencies.

Given that they also increase global warming, I've lost my enthusiasm for the concept.

I agree. In the end it’s all fiat currency anyway. What does any currency have without the rule of law?
Any currency worth using may be used for ransom. If currency can't be used for ransom, it's not anonymous enough and should be avoided. So existence of ransomware is the best marketing for cryptocurrencies. Just like terrorists using E2E messengers are the best marketing for encrypted messaging. If some people (does not matter, whether they're evil or good, just not stupid) are trusting technology with their freedom and lives, this technology is worth looking at.
> If some people (does not matter, whether they're evil or good, just not stupid) are trusting technology with their freedom and lives, this technology is worth looking at.

Yes, criminals would be stupid if they didn't use this technology. The concept is a gift from heaven for these people.

What we need is a currency that is anonymous except for the two parties involved in the transaction, i.e. similar to cash but without the downsides of cash.

Two kinds of people respond to fires: one, those who want to help put the fire out and do all they can to help; two, those who pour on the accelerant so they can watch the world burn! Are these type 2 people sociopaths? Yes. But it's interesting to think why that behavior evolves and what benefits it might (or has) confer to our species in the long run.
back in the days, hospitals were never targeted by hackers.
Please when reporting this kind of attack, share the Raw e-mail message. That helps identify the how the software is being hosted, domains and MTAs used to spread the message.