College to close after severe ransomware attack

You’ll never make it in academia with that attitude!

j/k, I am a super-duper expert in all I deign to speak of

5 Likes

Just in case we were wondering how WW3 will be fought, this is it.

Sure, this particular case sounds like white nationalists, but whenever Russia and/or China is ready, every hospital, power plant, internet and cell provider - you get the idea - is going down. Government funded employers are especially vulnerable (outside of the White House), as are medium and small business, as they do not have funding for this purpose.

Big banks can usually defend themselves, though data breaches have cast doubt there. Big tech, big retail, big pharma, etc., can afford to have defenses.

I’m not a conspiracy theory guy. I’ve just seen it happen too many times. I would say, OK, but we’re working on cyber warfare ourselves, but that will be small consolation. Can we all get tickets to Cancun?

1 Like

hurrah, my alma mater is famous for its infamy.

I don’t disagree with you for the most part, although I don’t think OTS software and operating systems are going anywhere soon. Enterprises (no matter the size) are not going to abandon Windows and Active Directory. Though there is literally zero reason to have on-prem Exchange and SharePoint anymore.
This is why I mentioned encrypted backups, including off-site. We were able to get someone back from a ransomware attack over the course of a weekend because of that one time and that included rebuilding their Hyper-V host (fuck me, I hate Hyper-V) and restoring all of their VMs.
That being said, SO many attacks come from simple phishing emails.
And so many companies have open vectors because they don’t actively keep their shit up to date - either from a patching perspective or even using an out-of-date OS. The latter… don’t get me started. But patching is simple to literally automate across an environment, but I’m shocked to still see people patching MANUALLY, which leads to being behind. Always.

Too true:

The impact to the employees and communities is bad. There’s also the lost opportunities for students to be considered, too:

I’ve been hearing most complaints about this from the private sector. The numbers are alarming there, too, but do tend to get more attention. IT managers are getting hit on multiple fronts though, because some of these attacks are enabled by the very people they’ve been hired to protect. So, they’re frustrated and tired, too. Environments where people are allowed to BYOD are a nightmare.

This is partly what makes me break into a cold sweat when I see the logo on computers in restaurants, big box chains, and in doctor’s offices. 😬

6 Likes

It usually comes out when they come looking for money. They’re nowhere near as anonymous as they, and other people, think, but it doesn’t really matter because they face no consequences in their home state.

Don’t forget Israel. It’s a huge player in the gangster/rogue state nexus.

1 Like

I’m not too happy with the idea that moving your stuff to the cloud necessarily makes things more secure.

Let’s assume for a moment that patches are available in a timely manner (which is not true; for example, quite recently it took Oracle more than 5 fucken months to release a patch for a critical vulnerability). Let’s also assume the proprietary software you’re using is not a pile of shit to begin with.

If you just patch some vulnerable software, but fail to rebuild and redeploy all your machines that software has been running on, you can’t ever be sure that any of your machines has not been compromised in the time it took people to develop that patch. Only if you redeploy can you be sure.

And one of the most important reasons why people don’t patch right away is because patches break stuff all the time, and then it’s really costly to go back to the previous version, so you need to test if everything still works after a patch, and you have less of that testing if you wait for the patch of the patch to arrive first.

So it’s not simply enough to automate patching, you also need to be able to roll back, and you need to automate redeploying the whole machine, and not merely automate patching it. While you’re at it, you could automate some tests that check if shit is still working. If that sounds a lot like what is done in actual software development these days, that is because we’re dealing with the same class of problems here.

I’d rather reduce the attack surface, and just use the stuff I absolutely need, and then focus on getting that as secure as possible. But that regrettably is a trend in either software development or in operations. People add complexity, and then are naturally overwhelmed when having to deal with that on a daily basis.

Obligatory:

3 Likes
