Topic: Microsoft patches Windows XP to fight 'WannaCrypt' attacks

[brickbatz]

I'm all for Windows 10 but I find this "HOLY CRAP!"

Support for the OS ended three years ago but yesterday's infection spurred the 'unusual' step.

engadget

[Alfonz]

About 25% of our computers are still on XP, that's close to 3000 units! IT maintains that there is no need to upgrade units that are working properly if they've received all security patches. Even the "upgraded" machines are Win 7 at best, the way Win 10 integrates with the individual user will force us to develop newer infaweb software that will automatically restrict user activity on a given machine.

Also read that the leader of the Shadow Brokers is Fiona Glenanne, a former terrorist with the Irish Republican Army.

[goldshirt*9]

we run alot of XP pc's at my work because some of the software for the machine only use XP

[goldshirt*9]

so did anyone get hit by the virus ?

[mishca09]

I got a weird email from a friend with an attachment. I opened it... but on my phone.... nothing happen3d.

[dweez]

We had a bunch on campus hit by the first wave (SMB1 and EternalBlue), none directly in my department.  For the WannaCry, so far I haven't seen any hit. The first version of it was thwarted by a researcher that found a hard-coded kill switch which got activated before it went live. But I believe a version without the kill switch was found in the wild less than 24 hours later.

[goldshirt*9]

Not me.

personally I know no one and our work is so locked down its ridiculously safe.

the show still go's on with the theories where it originated ??
 Can no one trace the bit coins / cast they get ??

[mishca09]

The news lady said it's believed it came from north Korea ...

[smokester]

My theory (based on a mish-mash of news reports and guess work):

A young lad, in his bedroom, discovered the leaked NSA stuff and decided that he would see if he could figure out a bit of software that would encrypt someone's hard drive and demand money, combined with a worm that would spread itself around the local network, attached to a "phishing" e-mail. More of a proof of his own ability than anything else.

Probably the kid was in the US (hence the ask for dollars - unless that was embedded in wherever he found his basic code).

It was almost certainly not intended for release into the wild, or to target large institutions (who asks the NHS for $300? £3,000,000 more like ...).

The young lad put a safety valve into the code (check an IP/ address, and if you find it, do nothing) to ensure that it wouldn't escape into the wild.

When he sent it to himself to test it, it never arrived, so he gave up. Maybe he never realised that he had screwed up the safety IP, and either put a random string, or a typo, where the "safe IP" should have been.

-- AND THEN --

Oops - it is in the wild, and he doesn't know why, and can't do anything about it.

Fits the facts (as they have been reported), and completely destroys the received wisdom that we need a global anti-cyber-terror structure, as they almost certainly would never - and could never - account of those meddling kids.

It suits me down to the ground that script-kiddies such as these don't get fed Apple-attacking malware prototypes, for whatever reason (maybe Apple doesn't share them with the NSA?), as it means that I can sleep safe in my bed at night (although my medical care may be at risk!)

That's almost a short story I could read my kids at bedtime. Although, I'm not sure about the product placement ending.

[goldshirt*9]

Writing imaginary back-stories to news events is one of those things I do.

I thought that was the job of your disciples

[8ullfrog]

Apparently it was outsourced from a firm in hong kong. A victim emailed them and said they didn't have the $400, the hacker bitched back that the hong kong firm grossly overestimated incomes in most regions. Went on to decrypt the victim, but then said if the victim liked the software (dafuq?) They should spend a few bucks to buy them some coffee.

I never liked the coffee analogy.

I figure most people still running XP probably aren't all that wealthy, and that the targets were individuals rather than institutions.

That being said, I know the atms at my bank are running xp, because of the usb disconnection tone.

[dweez]

Lots of corporations are still using older OSes (WinXP/Vista/Win7) because they either don't have the money budgeted to upgrade their hardware to support the new OSes and/or 2) they don't have the money to buy the licenses for the new OSes.

[8ullfrog]

Or just never had the intent to "upgrade" because they have the mentality that computers are like refrigerators or toaster ovens.

Also disregard my previous post. Even after paying, the ransomware does not decrypt.

[goldshirt*9]

we run xp a lot due to software not being available on the more recent OS.
The time required and money to re-encode various CMM machines is ridiculous

[Alfonz]

Lots of corporations are still using older OSes (WinXP/Vista/Win7) because they either don't have the money budgeted to upgrade their hardware to support the new OSes and/or 2) they don't have the money to buy the licenses for the new OSes.

A little of this, and a little of;  "Or just never had the intent to "upgrade" because they have the mentality that computers are like refrigerators or toaster ovens."

"If it ain't broke, don't fix it" only goes so far.

*Edit, received an email from IT this afternoon informing us that "staff used XP computers in your area will be upgraded to Win 7 in the coming week, please move your data to Z drive".  Coincidence?