Random intoxicated thoughts... possibly nsw

stig

Patron saint of bore-cutters
Joined
Aug 26, 2007
Messages
22,235
Location
Denmark
Another $1.9 TRILLION was recently added to our national debt. Can anyone really comprehend how incredibly large that number is? For perspective, a million seconds is a little more than 11 DAYS while a trillion seconds is around 31,688 YEARS!
One good thing about living here in Commie land.
We haven't sold our souls to the Chinese.
 

gf beranek

Old Schooler
Joined
Apr 18, 2007
Messages
13,279
Location
God's country, North Coast
To me China represents more of a economic threat to the U.S. than a military one. I mean how many Chinese military bases do you do see around the world compared to the U.S.?

Long as I remember China had regarded Taiwan as its territory, and has threatened many times to take action for its sovereignty. Meanwhile China is building a new naval base nearby. And who knows? This could be the next new conflict to keep us all distracted after covid.

Random intoxicated thoughts and all...
 

Fiddler

Treehouser
Joined
Jun 29, 2009
Messages
9,521
Location
Michigan
So. not one person in this entire country is smart enough to find and turn the table on a ransomware perpetrator? Sad...

Not one company is diligent enough to have a manual override & capability? Sadder...
 

lxskllr

Treehouser
Joined
Jul 21, 2019
Messages
9,331
Location
MD USA
So. not one person in this entire country is smart enough to find and turn the table on a ransomware perpetrator? Sad...

Not one company is diligent enough to have a manual override & capability? Sadder...

Shit's hard. Attackers only have to be right once. Defenders have to be right every time.
 

Burnham

Woods walker
Joined
Mar 7, 2005
Messages
21,135
Location
Western Oregon
Fiddler is not suggesting defense...he's wondering why one cannot send a system bomb back down the pipe the ransomware came up through, if I read him correct. If that's not his point, then I'll throw it out as a question of my own.

So far beyond my kin as to be unfathomable...but the question sure does ring true, to my layman's view.
 

lxskllr

Treehouser
Joined
Jul 21, 2019
Messages
9,331
Location
MD USA
Hard to tell where ransomware comes from specifically though. Even when you know exactly which group is doing it, how do you get to them? NSA et al probably has some tricks that could be employed, but then you give up your tricks. They save stuff for high value operations, but ransomware to the tune of millions $ - tens of millions $ isn't really high value. This stuff is just a nuisance at this point. Security audits, and streamlining recovery procedures is probably the best use of time and money at this point.
 

lxskllr

Treehouser
Joined
Jul 21, 2019
Messages
9,331
Location
MD USA
Millions of dollars is nothing. NSA has tools that get used to sabotage nuclear development in unstable nations. They're advanced, and time consuming operations, and you only get one shot. Once you use your tool, it can be defended against ever after. You don't use stuff like that for a triviality of a few million dollars. That doesn't even reach the status of a rounding error in the gdp.
 

Burnham

Woods walker
Joined
Mar 7, 2005
Messages
21,135
Location
Western Oregon
You probably know a thousand times more than I do about the tech, John...but for this layman, it is still a bullshit argument. The dollar amounts do not sway. And just to make clear, we are not talking about "a triviality of a few million dollars". These ransomware attacks are WAY beyond that in costs to our economy. You have to know that, so don't stick your head in the sand.

I still say, backflush the bastards.
 

Mick!

TreeHouser
Joined
Nov 4, 2013
Messages
12,642
Location
South West France
My BIL works in computers specializing in this stuff, it just doesn’t work that way Burnham.

I don’t know how it works of course, but it’s not just blowing a noisy horn down the phone line that’s for sure.
 

treesmith

Banned
Joined
Feb 4, 2009
Messages
9,370
Location
Alabama
I say they could find them if they wanted to. I live near a small town of around 900. A not-so-sharp idjit that lives nearby posted some stuff on social media a while back regarding Uncle Joe. Within a day, unmarked SUVs were at his house. Seems the Secret Service knows where our little town is..... It's all about priorities....
 

Marc-Antoine

TreeHouser
Joined
Apr 17, 2011
Messages
2,728
Location
France
I though of backflushing for a virus attack on my computer. But my worry was, even if I find a way to (far from given), I'd stand as a complet amateur against a very well trained guy(s). It's like wanting to punch a commando in the face. Maybe I can manage to touch his nose if he isn't aware, but what comes after that?
I bet I'll cry Mummy.
 

lxskllr

Treehouser
Joined
Jul 21, 2019
Messages
9,331
Location
MD USA
A not-so-sharp idjit
That's a huge difference from these ransomware attackers. These guys definitely *are not* idiots, and even if they know where they are, how are they gonna get them? Send SEALs? That'll turn the cold war hot in about a millisecond. They serve Russia's purposes, and there's enough plausible deniability that Putin doesn't have to care.
 

lxskllr

Treehouser
Joined
Jul 21, 2019
Messages
9,331
Location
MD USA
Here's a clever, and fairly cheap operation that netted results...


Wouldn't help much for Russians unless they left the country though. I think it was foolish on the criminal's part. I wouldn't trust some random tech of doing what it said it would do, especially some random darknet company.
 

BeerGeek

Tree Numbnutz
Joined
Sep 13, 2018
Messages
1,928
Location
Warren, NJ
I've been tied up the last few days, so I missed this thread update. John is mostly correct in his assertions, as is Marc. The way the ransomware is propogated, the Aholes who host it do everything to conceal/provide false trails to it's origin. In many cases, they claim "Russian hackers", even after numerous security luminaries pointed out that the CIA uses numerous methods to attribute their own BS to their enemy du-jour. So trying to respond back to it is a pointless, and potentially dangerous game to play. Also, treading into that kind of attack is what will soon be starting wars between nations/military alliances.

Best to suck up any damages/losses and improve your entity's security posture/execution. Hell, you can even buy commercial insurance (YUCK) if you need a control for this. Cost of doing biz nowadays.

Just ranblins from a 27 yr IT/Infosec guy....
 

treesmith

Banned
Joined
Feb 4, 2009
Messages
9,370
Location
Alabama
Is there no way to trace/track the money, Brian? They give “account numbers” of a bank somewhere...seems it could be traced.
 

Tree09

Treehouser
Joined
Feb 28, 2017
Messages
9,840
Location
Peoria il
  • Thread Starter Thread Starter
  • Thread Starter Thread Starter
  • #122
I thought they already got the money back?
 

BeerGeek

Tree Numbnutz
Joined
Sep 13, 2018
Messages
1,928
Location
Warren, NJ
Scott, the article John provided indicates they were paid in Bitcoin, and that the DOJ managed to get their private key for it (would like to hear how that occurred, hmmmm) and recovered what was in the "wallet". So getting the money back is one thing, shutting down the actors is another.
 

treesmith

Banned
Joined
Feb 4, 2009
Messages
9,370
Location
Alabama
Well, I meant (more specifically), tracking down the perps. Just seems like it would be doable but I’m not a computer whiz.
 

lxskllr

Treehouser
Joined
Jul 21, 2019
Messages
9,331
Location
MD USA
Bitcoin's pseudoanonymous, and that's why it had a premium added for the ransom payment. It adds hassle to convert it to hard currency, and if your opsec isn't perfect, you can screw up and give yourself away, especially when it's a nation state that's after you.
 
Top