Brit college forced to shift all teaching online for a week while it picks up the pieces from ransomware attack An English college has temporarily closed all eight of its campuses and moved all teaching online after a "major" ransomware attack "disabled" its IT systems. South and City College Birmingham (SCCB) has told its 13,000 students that all lectures will now be delivered via the web – and has urged them to stay away from the …
Hasn't our (idiot) Prime Minister put in an order for more trident warheads for precisely this purpose.
On a more practical note, it seems to me that organisations are going to need to invest in robust backup and restore processes and systems so as to not be vulnerable to these scumbags.
I left, but still working...although that's to that thing that's going around, that's turned to shit as well.
But besides that, best move I made.
No more worrying if the phones going to ring. No more working over because it "has" to be sorted NOW! No more worrying about what next day will bring. No more irritating, lazy, "Dont you know who I am types" and on and on.
Do my job, go home forget it. If I want overtime I do it, if I don't, I don't.
Unfortunately, working as I do for a major state government department in NSW which has a very "flexible" attitude to retirement ages, Retirement is looking less and less likely, despite me hitting what I thought was the milestone birthday at the beginning of the year. My immediate boss is 74, ffs!
That said, if I didn't enjoy it, I wouldn't keep doing it, so mea maxima culpa (as usual).
It's just that they keep coming up with new fun stuff to play with!
Just because data can be restored doesn't mean that it's that simple. Restoring data onto a compromised system is a bit pointless. How do you know the systems are no longer compromised? You rebuild them from scratch, that's how. That's slow and fraught with potential problems. The least of the problems is rebuilding the data from a backup. User credentials may need to be reset, databases recreated, users needing to be alerted.
The important thing is to find how the breach occurred and patch whatever it was if it was a vulnerability, or if it's through an email, finding how it happened so it doesn't happen the same way again. This is why penetration testing, user education, anti-phishing training and better email security are all key.
These days, the perpetrators of this ransomware stuff are really clever and it's not just a matter of one PC and a few thousand files. As the article says, the backups may be poisoned too.
Bulking up security and better backups are just part of the equation. Tracking these thugs is the other part. Governments which obstruct efforts to find the crims should be sanctioned in much the same way as unruly potential nuclear powers are. And governments which fund these activities (we're looking at you, Norks) need to be even more heavily sanctioned until they start to behave.
Shhhhh, you’ll confuse the silly wankers
I just wish these cunts in overpaid positions would have their fat faces smashed and rubbed into this, with someone screaming at them, suck it up cunt!!
I’d pay to see that, no seriously, I would fucking pay
Interestingly my partner's University (located in London) was disabled over Christmas by a ransomware attack. Presumably they didn't pay up because its only now that some of the services are being restored. Shocking - trying to stop ransomware getting through is very hard and you can never be sure. Fixing an attack should therefore have been a planned process in days for mission critical stuff and weeks for the rest not months! But i'm guessing the VC's latest extortionate pay rise was more important than the IT budget.
Plus I'm guessing that integration which used to be a good idea hasn't been reversed into compartmentalisation when you know part of the network will be compromised at some time.
Maybe Christmas hols/aperitifs were responsible for it not being picked up by our neighbourhood vultures. But were there more?
A cut below, actually. They would gettheir asses kicked by any "ordinary" criminal in a face-to-face encounter.
And "ordinary" criminals do not target hospitals, mdeical centers or places of learning. You have be a miscreant with a keyboard to think of that.
au contraire, some of the criminals overseeing the whole thing are indeed the same criminals who shoot each other over turf. I've read anecdotal stories of young 'hacker types' being pressganged into working for big crime syndicates' cybercrime divisions on pain of their family meeting an untimely end.
Hospitals are an extremely common target for ordinary criminals. Large buildings full of expensive stuff, staff and visitors often occupied by important tasks, that allow members of the public to just wander around on their own with essentially zero security. Everything from targetted theft of valuable goods like IT kit, to petty theft from people's coats and bags, is a daily occurence at pretty much every hospital in the country. Same for places like universties, which again tend to have sprawling campuses with free public access and little to no security. The idea that ordinary criminals avoid these sorts of places because at heart they're really all decent folk is incredibly naive.
It's also rather sad to see the usual geek stereotypes coming out here at El Reg. Why would a criminal have their ass kicked just because they happen to know how a computer works? Your averge criminal hacker isn't a fat, spotty nerd living in their mother's basement, any more than your average burglar is a battle-hardened mercenary fighter with twelve black belts. Who would win in a fight has absolutely nothing to do with their chosen field of criminality.
"It is relatively unusual for an organisation to state outright that it has been hit by ransomware [...]"
Didn't surprise me at all from South City (the being honest bit).
I worked in FE/Adult in the West Midlands for 30+ years (never at South) and people in this sector are generally honest about the challenges. The Association Of Colleges (I think it's name changed a bit ago) do the public relations stuff for the sector when needed and spend money on glossies.
Icon: for the teams going round re-installing and doing all the crap.
Having insurance based payments is the worst possible thing to do, it will be like throwing petrol on a fire. I'd focus on the people authorising paying the scum off. Mandatory jail time, with a minimum of 5 years actually inside if caught trying to hide the payment via offshore accounts etc.
How do the cyber insurance companies make any money?
These attacks are happening all the time, and it's often horrifically expensive to clean this kind of mess up.
Large frequent payouts does not, surely, equal a happy insurance provider.
And do they not demand evidence of at least some basic IT hygiene? Cyber Essentials Plus and a proportion of staff with (e.g.) CompTIA Security+? If not that seems like complete madness.
Unlike driving a car where you need a driving licence, an MOT and insurance. Mind you, that mostly works because it's the law. When it comes to computers anyone can buy one and merrily start hurtling along the information superhighway with zero legal requirements.
has told its 13,000 students that all lectures will now be delivered via the web – and has urged them to stay away from the college's campuses for the rest of this week
Question: Why is the school/campus treating this like a rodent infestation or a measles outbreak?
What happened to "attend the lecture(s)" with a pen and paper?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
