Ransomware Infects All St Louis Public Library Computers (theguardian.com)
An anonymous reader quotes a report from The Guardian: Libraries in St Louis have been brought to a standstill after computers in all the city's libraries were infected with ransomware, a particularly virulent form of computer virus used to extort money from victims. Hackers are demanding $35,000 (£28,000) to restore the system after the cyberattack, which affected 700 computers across the Missouri city's 16 public libraries. The hackers demanded the money in electronic currency bitcoin, but, as CNN reports, the authority has refused to pay for a code that would unlock the machines. As a result, the library authority has said it will wipe its entire computer system and rebuild it from scratch, a solution that may take weeks. On Friday, St Louis public library announced it had managed to regain control of its servers, with tech staff continuing to work to restore borrowing services. The 16 libraries have all remained open, but computers continue to be off limits to the public. Spokeswoman Jen Hatton told CNN that the attack had hit the city's schoolchildren and its poor worst, as many do not have access to the internet at home. "For many [...] we're their only access to the internet," she said. "Some of them have a smartphone, but they don't have a data plan. They come in and use the wifi." As well as causing the loans system to seize up, preventing borrowers from checking out or returning books, the attack froze all computers, leaving no one able to access the four million items that should be available through the service. The system is believed to have been infected through a centralized computer server, and staff emails have also been frozen by the virus. The FBI has been called in to investigate.
After two decades of this crap, you'd think they would learn.
Probably not.
...sounds like they have valid backups, so this should be considered a "success" story more than anything else.
Still, I do wonder if the admins were practicing valid security, how anything could have infected the entire system.
Mod me down with all of your hatred and your journey towards the dark side will be complete!
As a St. Louisan, I'm glad they're not paying. It sounds like there are some serious issues while they restore their systems, but it sounds like they do have backups. It will take a while to clean up the mess, but I applaud them for not giving in to the criminals responsible for this. Although many articles aren't clear about this, the library did have backups to restore from, so despite the security breach, someone knew what they were doing well enough to avoid paying the ransom demands. Good for St. Louis not giving in to these demands.
If they are just machines for public web browsing, there is no data to ransom. Just reinitialize them. Firefox works great on Linux BTW and you have a much smaller attack surface.
Nobody reads at the library anymore.
It takes a special kind of asshole to attack a library; a place where people go to learn and access the internet. Why go after one of the poorest resources and attack those that have the least to give? Go after the fucking fortune 500 companies but not a fucking library. One only hopes that anonymous could turn the tables on these slimy thieves.
Mostly reminds me of my experiences as a volunteer trying to support the public-use computers in the Austin Public Library. That was almost 30 years ago, way before we had anything like network access problems. Basically I wound up just wiping the systems every time I visited and restoring them as well as I could to their "legal" condition. The big problem in those days was just pirated software, especially an expensive CAD package, but the big threats these days are keyloggers intercepting passwords used for email and data stored in the network...
That reminds me of a much more recent fiasco involving Amazon and a public library in Indiana. Someone created a fake Amazon account in my name and validated the email address using some kind of bug in the Android app. Amazon never volunteered any meaningful details, but I'm believing the name and email address were just a dictionary attack. However, this thing went on for a year and a half before Amazon finally stopped it. One aspect of the scam obviously involved borrowing electronic books from a public library. If that was the only thing going on, then I'm only offended by the association of my name with some rather execrable books, but I think there must have been a money trail, too, or it wouldn't have gone on for so long... (Did you know you can escalate to jeff@ when you get desperate enough? At least it seemed to work in my LONG case, though the two-step solution was obvious in my FIRST contact with Amazon's customer so-called service.)
Historical trivia. Always want to close with a constructive suggestion, but it's hard to come up with one... Follow the money and break the criminals' economic models is kind of obvious, isn't it? Easy to say, but hard to do, even if the criminals are just ingenious fools.
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
Why would you bother? If you're maintaining your images properly then you probably have a fresher, more up-to-date image for that particular model PC than what's on it anyway, so if you're going to spend so much time rolling-back you may as well instead deploy fresh. These are public terminals, by and large, user data on the local disk shouldn't be a factor at all.
Even for those users who have their own PC for themselves, if you're providing network storage and if the use of that network storage has been your corporate policy, then content lost on the local disk is their problem, not yours. Obviously try to be polite but don't commit to restoring data that was not properly saved.
Do not look into laser with remaining eye.
Oh No, they did not use Linux!
Second - St. Louis' libraries almost certainly can't afford to pay even one of these mutts. Libraries were once magnificent places where people went to read and borrow dead-tree media (a.k.a., books, although periodicals and reference works were also available there). While libraries have become the one publicly available free-as-in-beer places to get internet access, their core mission of providing free access to reference, literary and other materials was not directly impacted by this. One could still walk into a library, look up a desired text in the card catalog and physically access a nearly exploit-proof repository of knowledge and information. They don't have budgets for IT security which would prove to be exceedingly difficult to provide on hundreds of publicly accessible computers, nor do they have a mandate to provide electronic services.
Third - and this ties back to second - libraries in general don't have a budget for public IT. They can't afford the expertise to implement FOSS when the vast majority of the people who will maintain and use the provided services are not trained to use it. Even on their web presence, ease of implementation (which probably contributed to this problem) equals lower TCO for them.
Why? STL has backups and is restoring from them. That's why they're not paying the criminals. Banning bitcoin won't stop criminals from extorting money. Ruining their business model by having backups and refusing to pay, will be far more effective at stopping the criminals. STL's backups and decision to not pay are exactly what we need more of, to stop ransomware.
Perhaps, but it seems many hack at the library!
Do I need to say it again? A good back up strategy would get them back on line pretty soon - a few hours if not less.
In a time of universal deceit, telling the truth is a revolutionary act. George Orwell
Sounds like a perfect opportunity for some teenagers to set up a wifi mesh network inside the library and connect the mesh to the internet using burner phones. I hope someone did this! I would donate equipment to help build it if I were anywhere near St Louis.
These are public terminals, by and large, user data on the local disk shouldn't be a factor at all.
From TFA, it affected their servers as well. The system that allows patrons to borrow books and other items went down. So did access to all of the thousands of digital items the libraries offer. Re-imaging the public PCs should be simple enough, but restoring access might be hard if the systems that connect the libraries to the internet are down (gateways, firewalls, DHCP and DNS servers, etc)
Breakfast served all day!
If you choke off the flow of money, you won't even have to follow the money.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
You're aware St. Louis is full of white people, right? Oh, who am I kidding. You aren't aware of anything, which is why you're a fucking racist.
Except you can't trace it to any particular exchange. I mean if the criminal withdraws exactly $35000 an hour after the library paid them that amount, then sure it becomes (a bit) easier to track.
But if they withdraw it $100 at a time on a weekly basis or something just to cover their living expenses, or if they withdraw it through a Chinese or Russian bitcoin exchange or the such.. there's little that can be done.
For better or worse, Bitcoin was intentionally designed to be untraceable and while there may be the odd weakness that can be exploited, chances are they're not gaping big loopholes or this would have been a solved problem a few years ago when Bitcoin first became the currency of the underground (well "solved" in the sense that the underground would have stopped using it as soon as the flaws were discovered and we'd be having the same conversation about some new scheme.)
How exactly would you ban it? You'd have to shut down all BTC exchanges that deal in more or less decent real currencies worldwide. Making it harder for victims (in a particular country) to obtain Bitcoin might make collecting on these schemes harder and thus more unattractive to pull off in the first place, but even that doesn't seem feasible.
By the way, Bitcoin is traceable (by everyone) but anonymous.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
These nazis will block the account of any kid who takes a screenshot of a page of their books. They monitor them with keystroke loggers, just like any criminal hacker group. Good thing for them Americans are too yellow to complain. But they can't control offshore whistleblowers.
Ransomware Thieves Cost Canada University C$20,000 In Bitcoin
Isn't it interesting how this works?
It's mostly used for illegal stuff anyway, and we have plenty of ways to transfer money that are traceable. We don't need bitcoin, or any cryptocurrency.
Mostly illegal? How about almost entirely? Bitcoin has been a boom for criminal enterprises, which in my opinion is the only widespread use case they have presently.
I'm aware some people think having this semi-anonymous, decentralized, ungoverned currency around is somehow cool and/or beneficial, but is it really necessary? And given the fact its main use is for criminal behavior, do we really need its perceived benefits when its main use is for crime?
Sadly, the scarcity of Bitcoins which have a perceived value and their decentralized nature makes them very difficult to just 'ban.' Hell, by outlawing them, you probably increase their perceived value.
Like many of the genies we've let out of the bottle in the modern information age, this one is not so easy to put back in.
Banning bitcoin means they have to use other means - traceable means. Making the purchase, trade, or transacting in bitcoin a crime - if the business or individual being asked for ransom can't buy bitcoins, that ends that.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
When you see a phrase like "a particularly virulent form of computer virus", that usually means "We don't even have basic protection on our systems, so we will make it sound as if the virus is really really mean".
So shut down all the exchanges. Make it illegal to use credit or debit cards or cheques, money orders, etc. to purchase bitcoins. DDoS bitcoin exchanges, or just flood them with fake transaction attempts that never go to completion. Ban bitcoin use in commerce. China won't be happy, because they're the ones controlling the mining of bitcoins, but hey, it's a scam anyway, and an enabler of crime, so screw them.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
They're actually pretty centralized - China controls the majority of bitcoin mining.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
In this case it is the authorities who are the clowns, acting too little and too late to do anything worthwhile. An investigatory flying squad https://en.wikipedia.org/wiki/..., should be the first ones on the scene as soon as it is reported. This to gather evidence for proper investigation. This requires additional effort, as you can not just strip the victim of the core computer hardware but must provide a temporary stop gap and get it up and running, whilst the infected machines are properly analysed or even honey trapped. Real focus needs to be taken to tackle high end organised computer crime whether it be criminals or foreign agents (in reality much the same kind of criminal, a lot more exchange goes on there than is allowed, a whole lot more).
Chaos - everything, everywhere, everywhen
Well it might work, but what exactly would be the legal basis to do this?
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
Of all places libraries should be adopting Free Software and rolling out systems that make it easy to surf anonymously / maintain them. For instance network booting may have helped this situation, alongside proper backups, and similar.
I did a quick count, and the city of 1.4 million people I live in has 59 libraries. St. Louis has 2.9 million people. Very few of them read apparently.
I suppose. That's definitely thinking as to why I don't have every system that I use joined to the domain and why I have non-Windows machines that I can work from both as workstations and as servers, and why those that are servers are real physical boxes instead of hypervisors or some other form of VM...
Do not look into laser with remaining eye.
Sharing copyrighted material, eh?
trollin trollin trollin, Barbara keeps on trollin!
There are a lot of cryptocurrencies to ban. Bitcoin is just the most famous.
https://en.wikipedia.org/wiki/List_of_cryptocurrencies
Doesn't matter to Barbara Hudson now, support for Emperor Trumpentine is absolute and unquestionable, any vicious brutality will be endorsed. Any.
If a user can install any software (intentionally or unknowingly) then that system was not properly locked down. It is easy to whitelist binaries in Windows systems. There are Linux distros which are boot-only versions, which means nobody can modify the filesystem. Users who want to save or create documents should bring their own USB sticks or blank CD/DVD because there's no write permission on the system drive.
This is not an actual life-form. Why not just call it clever software written by thugs and thieves?
I think perhaps your previous post was missing a word:
Bitcoin will make it harder to collect ransoms
Perhaps that was supposed to be "Banning bitcoin"? Which would make a bit more sense grammatically to boot :P. And of course completely negates the meaning and thus my response!
"Libraries in St Louis have been brought to a standstill after computers in all the city's libraries were infected with ransomware, a particularly virulent form of computer virus used to extort money from victims".
Do you mean a Windows Word Macro virus?
Blacks do not like to read.
You say "China" like you mean the country, when you actually mean "China" like Chinese people.
"The system is believed to have been infected through a centralized computer server."
Not exactly sure what that means, but it seems to indicate that the problem didn't originate with an end user. I expect that they were smart enough to lock down the clients which are accessible to the public.
I don't support Trump OR either Clinton (Clinton #1 removed Glass-Steagall, causing the subprime crisis years later by letting banks do stupid things, Clinton #2 - just look at the Middle East, Trump - he's no Bernie Sanders, who was the only reasonable candidate - and the fact that he was left of the DINOs - Democrats in Name Only - is a bonus).
So don't be stupid with your lies - anyone can search my history and find your accusations of my supporting Trump are full of shit. You elected him, you get the government you deserve. And you better damn well hope he has a successful presidency, improving the lot of the average American, rather than cutting your nose off to spite your face like a spoiled child who didn't get their way and blames everyone (Russia! Russia!) for your candidate's loss.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
St. Louis is about 50/50 black and white. But you're the only one who brought up race.
You mean like gift cards? There are so many ways to anonymize money these days.
No, I mean "China" like the country, not Asians in general. China controls the majority of bitcoin mining. Stop being an ass.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
EVERY gift card is traceable to the point of purchase. If you thought otherwise, you're naive as all hell.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
To the point of purchase (the victim). By the time anything happens after that, it's relatively untraceable.
I don't support Trump OR either Clinton (Clinton #1 removed Glass-Steagall, causing the subprime crisis years later by letting banks do stupid things, Clinton #2 - just look at the Middle East, Trump - he's no Bernie Sanders, who was the only reasonable candidate - and the fact that he was left of the DINOs - Democrats in Name Only - is a bonus).
There you go again, lying about how Republicans wrote the law known as the Gramm Leach and Bliley Act:
Respective versions of the Financial Services Act were introduced in the U.S. Senate by Phil Gramm (Republican of Texas) and in the U.S. House of Representatives by Jim Leach (R-Iowa). The third lawmaker associated with the bill was Rep. Thomas J. Bliley, Jr. (R-Virginia), Chairman of the House Commerce Committee from 1995 to 2001.
Since you can provide no documented record of advising Bill Clinton to veto this law, it's quite obvious you are only opposing it out of convenience to attack someone you personally hate and despise. Not only that, you were praising George W. Bush's fraud based economy, and praising it even as it faltered, and then suddenly you viciously turned on Obama, when it was something you could blame on a Democrat, who you personally hate and despise.
That you throw in the Middle East, when that's been a hot mess of simmering conflict for over a century, when your God-King, Emperor Trumpentine's best remark is that he can't be blamed for any of the political decisions, and his worst is that he supports the idea of stealing the Mid-East's oil for his own enrichment, is also showing the lack of authenticity to your criticisms.
Pretending to support Bernie Sanders when it's documented you despised him is only furthering your deceits. You don't care about him, you merely use him to cloak what you know is the repugnant love you have for Emperor Trumpentine. You know if you came out and admitted you have sworn allegiance to the Lord of the Toads, you'd never be believed.
So don't be stupid with your lies - anyone can search my history and find your accusations of my supporting Trump are full of shit.
Anyone can search read this post and find you blindly support and endorse Emperor Trumpentine, and are incapable of articulating any kind of criticism against your Lord and Master, and instead vehemently denounce any opposition to him.
You elected him, you get the government you deserve. And you better damn well hope he has a successful presidency, improving the lot of the average American, rather than cutting your nose off to spite your face like a spoiled child who didn't get their way and blames everyone (Russia! Russia!) for your candidate's loss.
See? There you are, supporting Emperor Trumpentine again, telling his critics to shut up and start praising your Lord and Master. There will be no questions allowed.
Nobody even had to search your history. You provided it in this very post.
Now quick, get thee to the worship hall, and praise your Lord and Master once again. He is, in fact, your God-King, you gladly seek out his abuses.
STILL WORK!
The only danger to them is the occasional termite
Wrong. The gift cards still need to be redeemed at some point. They all have unique IDs.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Pretending to support Bernie Sanders when it's documented you despised him is only furthering your deceits.
I dare you to find ANYTHING that "documents" that, you fucktard. Oh wait - you can't. That's why all you can do is post lies on slashdot with no proof. But tell us again how it wasn't Bill Clinton who signed the law, even though it was, and I even provided the link.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
My local library runs a Linux server with thin clients. The browser is the publicly facing interface. Even the high school assistants know how to restart X. I am not aware of the system ever failing, even though the admin has redundant systems in place.
In that library, everything just works.
I work for an MSP, so dealing with Ransomware is what I do 99% of the time anyone gets infected. It's all the hotness in infections. Typically comes from drive-by infected ads, bogus browser and Flash updates, and e-mail attachments. The scope of infection is limited to user access. So, without local admin access, typically only the local profile gets infected, and the data they have access to via mapped drives. With local admin access, the box is hosed. IF the numbnut sys-admins granted domain user access to the Domain Administrators security group (network God mode effectively), it will hose any and all computers and servers it can find. And yes, dumb fucking admins will do that because they're too fucking lazy to be answering requests for software installation and/or securing the network. BAD IDEA!!!!
Just FYI, as a Windows system administrator, not even I have my primary login assigned Domain Admin membership. If I need to login with a Domain Admin account, I have a separate AD account used for utilitarian reasons. If I fuck up and click on something I shouldn't, at least it's my ass and not bringing down the entire network (though I know better, honestly).
BTW, Veeam is a badass backup solution!!
Life is not for the lazy.
That means you can maybe see the start and end. You buy it with cash, it gets traded/sold numerous times. You can see when/where it was spent, but you can't follow it back through its path.
So what - you nab the people at each end. That is deterrent enough - especially since the people at both ends are the ones attempting to launder the money.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
You don't get my point - the republicans spent 20 years trying to pass similar bills, and couldn't - not even with a republican president. So along comes Bill Clinton, and signs it. Clinton - not Bush Sr., not Ronnie Star-wars Ray-guns.
Oh my, you admit that Republicans tried to pass similar bills. But you aren't saying they wrote it. And yet here you are, continuing to blame Bill Clinton, that was your focus. Because you personally hate and despise him.
You didn't say one word against the people who wrote the bill, and you most especially will not challenge Emperor Trumpentine.
Pretending to support Bernie Sanders when it's documented you despised him is only furthering your deceits.
I dare you to find ANYTHING that "documents" that, you fucktard.
It's right here, in this very thread. You're using him, with no regard or support for anything Bernie said or did, all you care about is that you can use your feigned support (recently adopted) to protect Emperor Trumpentine from criticism. That's your own agenda. Well, that and yelling about Bill Clinton because you personally hate and despise him.
As usual. Of course, you started off screaming about Bitcoin, but eh, you quickly jumped into the fact that you love Emperor Trumpentine and want to see him use the awesome power of his big bombers. That gives you a thrill, doesn't it? You just want to act out your rage, and ride like Slim Pickens.
Oh wait - you can't. That's why all you can do is post lies on slashdot with no proof. But tell us again how it wasn't Bill Clinton who signed the law, even though it was, and I even provided the link.
You're the one who can't document any evidence you opposed the Republicans when they were writing the law. Go ahead, tell us how you said one word against it. Go ahead.
Oh wait, no, you were cheering it all along, because it was a Republican idea that you finally got to advance. Only now, now, when it doesn't benefit you to deny its failure (though you personally like the banks getting a chance to screw millions of Americans), do you complain about it, choosing to attack Bill Clinton, who you personally hate and despise, and protect your lord and master, Emperor Trumpentine.
Keep showing your love for him, selflessly destroy yourself, all to get his attention, and who knows, maybe you'll succeed...in being crushed beneath his booted heel.
Bill Clinton and the democrats had a majority in both houses when he signed the law into place. If they hadn't liked it, they could have stopped it - they had absolute majorities in the House of Congress, the Senate, and they also controlled the White House. They certainly had the power to re-write it, or not pass it, and a presidential veto would not have been overridden by republicans because there just weren't enough of them.
So show me ONE SINGLE REASON why anyone should believe that Clinton was opposed to it? The dems LOVED it, or they wouldn't have passed it. They sure as hell could have changed anything they wanted - but democratic fiscal policy then was pretty much the same as the neocons, same as Hillary is to the right of what passes for moderate republicans (like there's anything "moderate" in US politics any more).
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.