#1
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
A Florida city reportedly has fired one of its top tech employees after officials were forced to pay $460,000 in ransom to the hackers behind a cyber attack that disabled its servers, phones and email accounts.

Brian Hawkins, Lake City's director of information technology, was let go from his job Monday, about three weeks after the hackers' malware compromised the city's computer network, according to WCJB.

“Our city manager did make a decision to terminate one employee and he is revamping our whole IT department to comply with what we need to be able to overcome what happened... so it doesn't happen again,” Mayor Stephen Witt told the station.

Staff initially tried to restore the networks themselves following the ransomware attack, but failed. Lake City council members, at an emergency meeting last week, ultimately agreed to pay 42 Bitcoins (around $460,000) to the hacker in exchange for a decryption key that would get its networks back online. The city's IT team and a third party vendor, WCJB reports, told them it was their only resort.

https://www.foxnews.com/tech/florida...es-it-director
#2
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
On 7/6/19 4:36 AM, Nomen Nescio wrote:
A Florida city reportedly has fired one of its top tech employees after officials were forced to pay $460,000 in ransom to the hackers behind a cyber attack that disabled its servers, phones and email accounts.

A friend of mine worked for a social services agency of our local government many years ago. Some genius had the database of all the necessary data in a single IBM IMS/DB IMS/DC system to handle all the data of the entire state. At one point, they installed an update which failed, and all the data were lost.

My friend complained that all the employees had to work nights and weekends to re-enter the previous month's data transactions. During the daytime, they tried to serve their customers (welfare, mostly).

I suggested that they just restore everything from the most recent backup and then apply the updates from the journal tapes. (This was back in the days of magnetic tape). I explained all this to my friend who inquired as to why they were not doing this.

It turns out that the genius had turned off the backups because they took too much time and they needed someone to change the tapes. So he saved a little money that way. But the welfare clients could not get their checks that month, many got evicted from their welfare hotels, and had problems paying for food and medications.

I very much doubt the genius got fired.

--
  .~.  Jean-David Beyer
  /V\  PGP-Key:166D840A 0C610C8B
 /( )\ Shrewsbury, New Jersey
 ^^-^^ 22:00:01 up 2 days, 6:52, 2 users, load average: 4.28, 4.32, 4.38
#3
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
On 2019-07-28, Jean-David Beyer wrote:
On 7/6/19 4:36 AM, Nomen Nescio wrote:

A Florida city reportedly has fired one of its top tech employees after officials were forced to pay $460,000 in ransom to the hackers behind a cyber attack that disabled its servers, phones and email accounts.

A friend of mine worked for a social services agency of our local government many years ago. Some genius had the database of all the necessary data in a single IBM IMS/DB IMS/DC system to handle all the data of the entire state. At one point, they installed an update which failed, and all the data were lost.

My friend complained that all the employees had to work nights and weekends to re-enter the previous month's data transactions. During the daytime, they tried to serve their customers (welfare, mostly).

I suggested that they just restore everything from the most recent backup and then apply the updates from the journal tapes. (This was back in the days of magnetic tape). I explained all this to my friend who inquired as to why they were not doing this.

It turns out that the genius had turned off the backups because they took too much time and they needed someone to change the tapes. So he saved a little money that way. But the welfare clients could not get their checks that month, many got evicted from their welfare hotels, and had problems paying for food and medications.

I very much doubt the genius got fired.

I have a friend who works in security for a major US bank and the things he tells me are frightening. First off, the Russians are down on the list of potential hackers. Number 1 is China by far. Followed by North Korea, Middle Eastern countries and some of the Slavic countries. They get hammered 100's of thousands +++ of times per day by these countries probing their infrastructure. It's like the wild wild west out there.

--
POSHLYAK
Pronounced - POSH LEE ACK
Combines for the win!
#4
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
On 7/27/2019 10:22 PM, POSHLYAK wrote:
On 2019-07-28, Jean-David Beyer wrote:

On 7/6/19 4:36 AM, Nomen Nescio wrote:

A Florida city reportedly has fired one of its top tech employees after officials were forced to pay $460,000 in ransom to the hackers behind a cyber attack that disabled its servers, phones and email accounts.

A friend of mine worked for a social services agency of our local government many years ago. Some genius had the database of all the necessary data in a single IBM IMS/DB IMS/DC system to handle all the data of the entire state. At one point, they installed an update which failed, and all the data were lost.

My friend complained that all the employees had to work nights and weekends to re-enter the previous month's data transactions. During the daytime, they tried to serve their customers (welfare, mostly).

I suggested that they just restore everything from the most recent backup and then apply the updates from the journal tapes. (This was back in the days of magnetic tape). I explained all this to my friend who inquired as to why they were not doing this.

It turns out that the genius had turned off the backups because they took too much time and they needed someone to change the tapes. So he saved a little money that way. But the welfare clients could not get their checks that month, many got evicted from their welfare hotels, and had problems paying for food and medications.

I very much doubt the genius got fired.

I have a friend who works in security for a major US bank and the things he tells me are frightening. First off, the Russians are down on the list of potential hackers. Number 1 is China by far. Followed by North Korea, Middle Eastern countries and some of the Slavic countries. They get hammered 100's of thousands +++ of times per day by these countries probing their infrastructure. It's like the wild wild west out there.

I worked for a large pharmaceutical company. Their IT department locked down all of the company computers so only company approved software would run, all data was on company servers. EXCEPT, They forgot the DOS batch commands and batch files. The "Obsolete" DOS commands could do about anything you wanted on their secure system.

--
Judge your ancestors by how well they met their standards not yours. They did not know your standards, so could not try to meet them.
#5
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
I have a friend who works in security for a major US bank and the things he tells me are frightening. First off, the Russians are down on the list of potential hackers. Number 1 is China by far. Followed by North Korea, Middle Eastern countries and some of the Slavic countries. They get hammered 100's of thousands +++ of times per day by these countries probing their infrastructure. It's like the wild wild west out there.

This is why I installed ipset on my server and block all of China, Russia, North Korea and Slavic countries. This is something that most all servers should. It is not like you are going to miss out on any business from these corrupt, commie countries.
#6
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
I have a friend who works in security for a major US bank and the things he tells me are frightening. First off, the Russians are down on the list of potential hackers. Number 1 is China by far. Followed by North Korea, Middle Eastern countries and some of the Slavic countries. They get hammered 100's of thousands +++ of times per day by these countries probing their infrastructure. It's like the wild wild west out there.

This is why I installed ipset on my server and block all of China, Russia, North Korea and Slavic countries. This is something that most all servers should. It is not like you are going to miss out on any business from these corrupt, commie countries.

You need to include all of Africa too.
#7
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
On 28/07/2019 15.50, Anonymous wrote:
I have a friend who works in security for a major US bank and the things he tells me are frightening. First off, the Russians are down on the list of potential hackers. Number 1 is China by far. Followed by North Korea, Middle Eastern countries and some of the Slavic countries. They get hammered 100's of thousands +++ of times per day by these countries probing their infrastructure. It's like the wild wild west out there.

This is why I installed ipset on my server and block all of China, Russia, North Korea and Slavic countries. This is something that most all servers should. It is not like you are going to miss out on any business from these corrupt, commie countries.

You need to include all of Africa too.

And all of USA. That's the worst one, but you will not see it in the logs.

--
Cheers, Carlos.
#8
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
In message , Carlos E.R. writes:

On 28/07/2019 15.50, Anonymous wrote:

[]

(Someone else wrote - attribution snipped before this point

This is why I installed ipset on my server and block all of China, Russia, North Korea and Slavic countries. This is something that most all servers should. It is not like you are going to miss out on any business from these corrupt, commie countries.

You need to include all of Africa too.

And all of USA. That's the worst one, but you will not see it in the logs.

Difficult, as very few use the .us TLD. I guess since (more or less) the internet was invented/developed in USA, the .com, etc. TLDs predominate, but I do continue to be surprised that people aren't _proud_ to use a .us address.

--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf
What a strange illusion it is to suppose that beauty is goodness. -Leo Tolstoy, novelist and philosopher (1828-1910)
#9
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
On 28/07/2019 23:50, J. P. Gilliver (John) wrote:
In message , Carlos E.R. writes:

On 28/07/2019 15.50, Anonymous wrote:

[]

(Someone else wrote - attribution snipped before this point

This is why I installed ipset on my server and block all of China, Russia, North Korea and Slavic countries. This is something that most all servers should. It is not like you are going to miss out on any business from these corrupt, commie countries.

You need to include all of Africa too.

And all of USA. That's the worst one, but you will not see it in the logs.

Difficult, as very few use the .us TLD. I guess since (more or less) the internet was invented/developed in USA, the .com, etc. TLDs predominate, but I do continue to be surprised that people aren't _proud_ to use a .us address.

Am I intuiting that you think ipset works on domain names rather than IP addresses?

--
“It is dangerous to be right in matters on which the established authorities are wrong.” ― Voltaire, The Age of Louis XIV
#10
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
In message , The Natural Philosopher writes:

On 28/07/2019 23:50, J. P. Gilliver (John) wrote:

In message , Carlos E.R. writes:

On 28/07/2019 15.50, Anonymous wrote:

[]

(Someone else wrote - attribution snipped before this point

This is why I installed ipset on my server and block all of China, Russia, North Korea and Slavic countries. This is something that most all servers should. It is not like you are going to miss out on any business from these corrupt, commie countries.

You need to include all of Africa too.

And all of USA. That's the worst one, but you will not see it in the logs.

Difficult, as very few use the .us TLD. I guess since (more or less) the internet was invented/developed in USA, the .com, etc. TLDs predominate, but I do continue to be surprised that people aren't _proud_ to use a .us address.

Am I intuiting that you think ipset works on domain names rather than IP addresses?

Sorry, I hadn't noticed you said you were using ipset (of which I know nothing). I was thinking of host file and similar filtering.

How would you know which IP addresses are any given country anyway?

--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf
That's how he [Dr. Who] seems to me. He's always been someone who gets the /Guardian/. There are some parts of the universe where it's harder to get hold of. - Peter Capaldi (current incumbent Doctor), RT 2016/11/26-12/2
#11
|
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
J. P. Gilliver (John) wrote:
In message , Carlos E.R. writes:

On 28/07/2019 15.50, Anonymous wrote:

[]

(Someone else wrote - attribution snipped before this point

This is why I installed ipset on my server and block all of China, Russia, North Korea and Slavic countries. This is something that most all servers should. It is not like you are going to miss out on any business from these corrupt, commie countries.

You need to include all of Africa too.

And all of USA. That's the worst one, but you will not see it in the logs.

Difficult, as very few use the .us TLD. I guess since (more or less) the internet was invented/developed in USA, the .com, etc. TLDs predominate, but I do continue to be surprised that people aren't _proud_ to use a .us address.

https://en.wikipedia.org/wiki/Generic_top-level_domain

"...RFC 920 in October 1984, was a set of "general purpose domains": com, edu, gov, mil, org

The net domain was added with the first implementation of these domains.

The com, net, and org TLDs, despite their originally specified goals, are now open to use for any purpose. "

It's got nothing to do with "proudness", and everything to do with the history and "computed value" of the domains.

Whacky domains do not garner trust, especially country-domains hijacked because they "sound nice for some other purpose".

That means you'll have trouble selling whacky domains, if the SEO possibilities are limited, and the search engines won't "put you at the top". Potential customers aren't going to click a link that ends in .jokey . Would you enter a credit card number in https://some.jokey ??? Or would you be suspicious ? I would feel more confident in a https://some.com , because the site owner wanted to blend in.

https://en.wikipedia.org/wiki/Top-level_domain

On 13 June 2012, ICANN announced nearly 2,000 applications for top-level domains

The first seven – bike, clothing, guru, holdings, plumbing, singles, and ventures were released in 2014

When is the last time you saw a .plumbing ?

The purpose of this is some kind of dilution. Surely they could come up with more than 2000 of those. Look at how many emojis there are, for inspiration...

Paul
#12
|
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
On 29/07/2019 03:01, J. P. Gilliver (John) wrote:
In message , The Natural Philosopher writes:

On 28/07/2019 23:50, J. P. Gilliver (John) wrote:

In message , Carlos E.R. writes:

On 28/07/2019 15.50, Anonymous wrote:

[]

(Someone else wrote - attribution snipped before this point

This is why I installed ipset on my server and block all of China, Russia, North Korea and Slavic countries. This is something that most all servers should. It is not like you are going to miss out on any business from these corrupt, commie countries.

You need to include all of Africa too.

And all of USA. That's the worst one, but you will not see it in the logs.

Difficult, as very few use the .us TLD. I guess since (more or less) the internet was invented/developed in USA, the .com, etc. TLDs predominate, but I do continue to be surprised that people aren't _proud_ to use a .us address.

Am I intuiting that you think ipset works on domain names rather than IP addresses?

Sorry, I hadn't noticed you said you were using ipset (of which I know nothing). I was thinking of host file and similar filtering.

Not me. Someone else.

How would you know which IP addresses are any given country anyway?

whois lookup on various ip ranges will reveal who issued them and to whom

e.g.

    $ whois 5.5.5.5
    % This is the RIPE Database query service.
    % The objects are in RPSL format.
    %
    % The RIPE Database is subject to Terms and Conditions.
    % See http://www.ripe.net/db/support/db-terms-conditions.pdf

    % Note: this output has been filtered.
    % To receive output for a database update, use the "-B" flag.

    % Information related to '5.4.0.0 - 5.7.255.255'

    % Abuse contact for '5.4.0.0 - 5.7.255.255' is '

    inetnum: 5.4.0.0 - 5.7.255.255
    netname: DE-MEDIAWAYS-20120425
    country: DE
    org: ORG-TDG4-RIPE
    admin-c: MWH6-RIPE
    tech-c: MWH6-RIPE
    status: ALLOCATED PA
    mnt-by: RIPE-NCC-HM-MNT
    mnt-by: MDA-Z
    mnt-lower: MDA-Z
    mnt-routes: MDA-Z
    created: 2012-04-25T06:13:17Z
    last-modified: 2018-07-30T09:52:34Z
    source: RIPE

    organisation: ORG-TDG4-RIPE
    org-name: Telefonica Germany GmbH & Co.OHG
    org-type: LIR
    address: Georg-Brauchle-Ring 50
    address: 80992
    address: München
    address: GERMANY
    phone: +498924420
    fax-no: +49892442198224
    admin-c: RCM25-RIPE
    admin-c: WT546-RIPE
    admin-c: DK9212-RIPE
    abuse-c: MWH6-RIPE
    mnt-ref: RIPE-NCC-HM-MNT
    mnt-ref: MDA-Z
    mnt-by: RIPE-NCC-HM-MNT
    mnt-by: MDA-Z
    created: 2004-04-17T12:45:50Z
    last-modified: 2018-09-25T14:13:22Z
    source: RIPE # Filtered

    role: mediaWays Hostmaster
    address: Telefonica Germany GmbH & Co. OHG
    address: Georg-Brauchle-Ring 50
    address: 80992 Muenchen
    address: DE
    phone: +498924420
    fax-no: +49892442198224
    abuse-mailbox:
    admin-c: DK9212-RIPE
    admin-c: RCM25-RIPE
    admin-c: WT546-RIPE
    tech-c: TG819-RIPE
    tech-c: ASZ-RIPE
    nic-hdl: MWH6-RIPE
    mnt-by: MDA-Z
    created: 2001-11-06T10:42:25Z
    last-modified: 2018-04-26T12:03:39Z
    source: RIPE # Filtered

    % Information related to '5.4.0.0/14AS6805'

    route: 5.4.0.0/14
    descr: Telefonica Germany GmbH & Co. OHG
    remarks: netname: DE-MEDIAWAYS
    origin: AS6805
    mnt-by: MDA-Z
    created: 2018-08-08T09:03:25Z
    last-modified: 2018-08-08T09:13:47Z
    source: RIPE

    % This query was served by the RIPE Database Query Service version 1.94.1 (BLAARKOP)

This shows a block of IP addresses issued by RIPE to a German ISP

Or

https://lite.ip2location.com/russian...address-ranges

will for example list exhaustively ALL ip ranges belonging to Russian organisations and ISPs

--
“Progress is precisely that which rules and regulations did not foresee,” – Ludwig von Mises
#13
|
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
On 29/07/2019 04.01, J. P. Gilliver (John) wrote:
In message , The Natural Philosopher writes:

On 28/07/2019 23:50, J. P. Gilliver (John) wrote:

In message , Carlos E.R. writes:

On 28/07/2019 15.50, Anonymous wrote:

[]

(Someone else wrote - attribution snipped before this point

This is why I installed ipset on my server and block all of China, Russia, North Korea and Slavic countries. This is something that most all servers should. It is not like you are going to miss out on any business from these corrupt, commie countries.

You need to include all of Africa too.

And all of USA. That's the worst one, but you will not see it in the logs.

Difficult, as very few use the .us TLD. I guess since (more or less) the internet was invented/developed in USA, the .com, etc. TLDs predominate, but I do continue to be surprised that people aren't _proud_ to use a .us address.

Am I intuiting that you think ipset works on domain names rather than IP addresses?

Sorry, I hadn't noticed you said you were using ipset (of which I know nothing). I was thinking of host file and similar filtering.

How would you know which IP addresses are any given country anyway?

LOL.

By using tools dedicated to do just that automatically.

--
Cheers, Carlos.
#14
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
In message , The Natural Philosopher writes:

On 29/07/2019 03:01, J. P. Gilliver (John) wrote:

In message , The Natural Philosopher writes:

On 28/07/2019 23:50, J. P. Gilliver (John) wrote:

In message , Carlos E.R. writes:

On 28/07/2019 15.50, Anonymous wrote:

[]

(Someone else wrote - attribution snipped before this point

This is why I installed ipset on my server and block all of China, Russia, North Korea and Slavic countries. This is something that most all servers should. It is not like you are going to miss out on any business from these corrupt, commie countries.

You need to include all of Africa too.

And all of USA. That's the worst one, but you will not see it in the logs.

Difficult, as very few use the .us TLD. I guess since (more or less) the internet was invented/developed in USA, the .com, etc. TLDs predominate, but I do continue to be surprised that people aren't _proud_ to use a .us address.

Am I intuiting that you think ipset works on domain names rather than IP addresses?

Sorry, I hadn't noticed you said you were using ipset (of which I know nothing). I was thinking of host file and similar filtering.

Not me. Someone else.

[I never said it was you - if you count ""s, you'll see I was replying to the person posting as "Carlos E.R. ".]

How would you know which IP addresses are any given country anyway?

whois lookup on various ip ranges will reveal who issued them and to whom

e.g.

$ whois 5.5.5.5

[details snipped]

This shows a block of IP addresses issued by RIPE to a German ISP

Yes, but that doesn't answer my question "How would you know which IP addresses are any given country" - being able to look up which country a given IP is in (even assuming the whois return includes that datum) doesn't tell you which IP addresses are in a given country; it tells you (or might) which country a given IP address is in, which isn't the same thing!

Or

https://lite.ip2location.com/russian...address-ranges

will for example list exhaustively ALL ip ranges belonging to Russian organisations and ISPs

Now that's a closer answer. I see https://lite.ip2location.com/ has (bottom right of page) a list of countries, though I didn't investigate it. Just looking at the russian-federation list linked to above, it's a very long and bitty list; your "ipset" must work hard blocking all those, plus the other countries you mention. (By "your" I mean whichever poster said they were doing that.)

--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf
A. Top-posters.
Q. What's the most irritating thing on Usenet?
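On the question raised in the posts above, how a per-country range list becomes something ipset can load: the sketch below is an added example, not code from any poster. It converts whois-style `first - last` ranges and CIDR entries into the smallest set of CIDR blocks and emits `ipset restore` input; the set name `geoblock` and all sample ranges other than 5.4.0.0 - 5.7.255.255 are constructed.

```python
import ipaddress

# Constructed sample input. Only the first range comes from the whois output
# quoted in the thread; the rest use documentation address space.
SAMPLE_RANGES = [
    "5.4.0.0 - 5.7.255.255",          # inetnum line from the whois example
    "192.0.2.0 - 192.0.2.127",        # first half of a /24
    "192.0.2.128/25",                 # second half, already in CIDR form
    "198.51.100.10 - 198.51.100.20",  # range not aligned to a CIDR boundary
    "5.5.0.0/16",                     # already covered by 5.4.0.0/14
]


def parse_entry(entry):
    """Turn one 'first - last' range or CIDR string into a list of networks."""
    entry = entry.strip()
    if "-" in entry:
        first, last = (ipaddress.IPv4Address(p.strip())
                       for p in entry.split("-", 1))
        if first > last:
            raise ValueError(f"range runs backwards: {entry!r}")
        # An arbitrary range may need several CIDR blocks to cover it exactly.
        return list(ipaddress.summarize_address_range(first, last))
    # strict=True rejects entries with host bits set, e.g. 192.0.2.1/24.
    return [ipaddress.IPv4Network(entry, strict=True)]


def build_networks(entries):
    """Parse all entries, then merge adjacent blocks and drop covered ones."""
    nets = []
    for entry in entries:
        if not entry.strip() or entry.lstrip().startswith("#"):
            continue  # skip blank lines and comments in a downloaded list
        nets.extend(parse_entry(entry))
    return list(ipaddress.collapse_addresses(nets))


def covers(networks, address):
    """True if the address falls inside any of the networks."""
    ip = ipaddress.IPv4Address(address)
    return any(ip in net for net in networks)


def ipset_restore_script(set_name, networks):
    """Build text suitable for piping into `ipset restore`."""
    # ipset's default maxelem is 65536; raise it only if the list is longer.
    maxelem = max(65536, len(networks))
    lines = [f"create {set_name} hash:net family inet maxelem {maxelem}"]
    lines += [f"add {set_name} {net}" for net in networks]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    nets = build_networks(SAMPLE_RANGES)
    print(ipset_restore_script("geoblock", nets), end="")
    # The set is then referenced from a single firewall rule, for example:
    #   iptables -I INPUT -m set --match-set geoblock src -j DROP
```

Because a `hash:net` set is a hash lookup rather than a rule per range, a long and fragmented country list costs memory, not a linear walk for every packet.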
#15
Florida city reportedly fires IT director after being forced to pay $460G in ransomware attack
In message , Paul writes:

J. P. Gilliver (John) wrote:

In message , Carlos E.R. writes:

On 28/07/2019 15.50, Anonymous wrote:

[]

(Someone else wrote - attribution snipped before this point

This is why I installed ipset on my server and block all of China, Russia, North Korea and Slavic countries. This is something that most all servers should. It is not like you are going to miss out on any business from these corrupt, commie countries.

You need to include all of Africa too.

And all of USA. That's the worst one, but you will not see it in the logs.

Difficult, as very few use the .us TLD. I guess since (more or less) the internet was invented/developed in USA, the .com, etc. TLDs predominate, but I do continue to be surprised that people aren't _proud_ to use a .us address.

https://en.wikipedia.org/wiki/Generic_top-level_domain

"...RFC 920 in October 1984, was a set of "general purpose domains": com, edu, gov, mil, org

The net domain was added with the first implementation of these domains.

The com, net, and org TLDs, despite their originally specified goals, are now open to use for any purpose. "

It's got nothing to do with "proudness", and everything to do with the history and "computed value" of the domains.

Whacky domains do not garner trust, especially country-domains

I don't consider most country domains to be whacky - certainly not .uk, .de, .fr, .ch, .it, and most others I can think of.

hijacked because they "sound nice for some other purpose".

Granted, yes, there are some: I gather .tv actually contributes significantly to the income of (the small island country of) Tuvalu, for example, because of what it means in the English-speaking world. However, I actually respect a .us address, on the rare occasions I see one.

That means you'll have trouble selling whacky domains, if the SEO possibilities are limited, and the search engines won't "put you at the top". Potential customers

[]

On 13 June 2012, ICANN announced nearly 2,000 applications for top-level domains

The first seven – bike, clothing, guru, holdings, plumbing, singles, and ventures were released in 2014

When is the last time you saw a .plumbing ?

I've never seen one - but that doesn't mean I'd think any less of one if I did! I don't think I'd have any particular suspicion of the other examples in your seven - well, other than my intrinsic suspicion of "holdings", "ventures", and "singles", but that's suspicion of the type of enterprise, not the domain principle (-:.

The purpose of this is some kind of dilution.

The purpose of what? Dilution of what?

Surely they could come up with more than 2000 of those. Look at how many emojis there are, for inspiration...

That gives me whatever the opposite of inspiration there is. [Though I do use them on Twitter as they only count as two (I think) characters.]

Paul

John

--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf
A. Top-posters.
Q. What's the most irritating thing on Usenet?