The Untold Story of NotPetya, the Most Devastating Cyberattack in History

[PacketMan]

The now told story of:
The Untold Story of NotPetya, the Most Devastating Cyberattack in History

Anyone involved in any form of ICT (Information Communications Technology) should read this article a few times, and think through all the nuggets of gold in this article. Freaken nightmare to say the least. I wonder how these scenarios would be different if any of the machines involved were *nix OS, and no other factors different.

On another note, in a few months I'll put away my fishing rods, and look forward to enjoy chatting with my FreeBSD 'buddies' much more again.

 

[ShelLuser]

Not much useful stuff in there in my opinion, it's a bit too dramatized telling for that, and one which lacks any useful details.

The problem I have with stories like these is that they always picture it as if such an attack "just" happened, which is of course nonsense. Someone let the virus in. And that's a detail which (too) often gets totally ignored, especially in dramatized stories like in that blog.

Quite frankly I think this is a much better read:

https://www.theregister.co.uk/2017/06/28/petya_notpetya_ransomware/

Especially these parts:

• Crucially, NotPetya seeks to gain administrator access on a machine and then leverages that power to commandeer other computers on the network: it takes advantage of the fact that far too many organizations employ flat networks in which an administrator on one endpoint can control other machines, or sniff domain admin credentials present in memory, until total control over the Windows network is achieved.
• Not only should you patch your computers to stop the SMB exploits, disable SMBv1 for good measure, and block outside access to ports 137, 138, 139 and 445, you must follow best practices and not allow local administrators carte blanche over the network
• Creating the read-only file C:\Windows\perfc.dat on your computer prevents the file-scrambling part of NotPetya running, but doesn't stop it spreading on the network.

There are some good reasons why I'm never logged onto Windows as admin all the time anymore, this is one of those

 

[Deleted member 48958]

“I saw a wave of screens turning black. Black, black, black. Black black black black black,” he says.

Black or blue — are common colors of Windows® working state

IMO, Windows is so crappy through years, because M$ & Co
are not interested in stable OS at all, they're interested in stupid
people, who visit service centers often, because then, they will be
able to sell more unnecessary crap to people and gain much bigger profit.
So I think this OS will never be usable enough, for anyone except housewives and kids.

 

[ortizfugh]

I think that cybersecurity is a very important aspect in our time. Everyone should understand this, because now our whole life is captured on the Internet

 

[Cath O'Deray]

I am the CEO of a sizeable online bank

orly

I look forward to your third post and second link-barred product endorsement.

 

[George]

It could be a bot, too, tbh.

 

[scottro]

One suspects the icon is not a photo of the person posting. If they were, I would think that wow, CEO's are gettin' younger all the time. (Though old as I am, that's probably true. Sigh).

 

[Cath O'Deray]

we have the best specialists

orly

So, your sizeable online bank can afford the best security specialists and their delightful product, however the cost of software (or hire of a specialist) to horizontally flip a photograph is simply too high for you.

 

[SirDice]

Culled the spammer.