Ransomware: Cut The Head Off The Snake
The Market Ticker - Commentary on The Capital Markets
2021-06-04 07:00 by Karl Denninger
in Technology, 946 references

Here we are again with JBS this time....

"It’s time for the United States to start putting heads on spikes when it comes to confronting and dismantling ransomware groups," Kitchen said.

"If President Biden does not confront Vladimir Putin about the ransomware groups perpetrating from within Russia, he will be failing in his duty to protect the United States from these types of attacks," he added. 

Again, meh.

Oh sure, it's all Putin's fault.  Well, no.

When have we put heads on spikes when it comes to the flow of fentanyl precursors out of China, for example?  That would be never, and why?  Because Nike, Apple and myriad other firms are all over there.  I think it's fair to assume that Putin's government itself is unlikely to be involved in such things, but there are criminal gangs everywhere, including here.  Why haven't we, for example, put Mexico's government heads on spikes over their criminal drug gangs that are all over the United States?  How about the "refugees" coming from places that are full of MS-13 and similar?

Yeah, ok.

Ransomware is rather simple, really: Don't do stupid things with critical control and infrastructure equipment.  As I've said before, the real problem isn't "ransomware" per se; it has no value unless the ransom can be paid, and further, unless said infrastructure is connected to the Internet either directly or indirectly (e.g. through some other device), it can't get on the network in the first place.

I'd be more than happy to redesign anyone's infrastructure so that this can't happen.  You could run Windows XP on that network if you wanted to and, other than by direct, intentional sabotage by an employee, nothing's getting in there.

But -- your snowflakes that work there couldn't use their computer on their desk to play on Facesucker, Instascrew or the myriad other time-wasting things they do.  They couldn't run their "side hustle" on the company dime or play around on Tinder.  Their phone wouldn't work in the building network and the USB ports would either be disabled in firmware or stuffed full of hot glue to prevent someone from jamming a thumb drive in there contaminated with whatever.  And there could be no exceptions, including out of the CEO's and CTO's offices, which is where a lot of them originate these days because, well, privilege with office.  Nope.

Without both policy and enforcement you have nothing and that means putting a stop to the cryfest from people up and down the line.  You're here to do a job, period, and here are the parameters.  Violate them, you will get caught and my boot is going to be up your ass ejecting you out the door no matter who you are.

In the US at least we could ban cryptocurrency transactions entirely, which would make paying a ransom impossible.  If you can't pay then there is no way for a cryptojacking (which is what I dubbed these years ago) to be profitable and therefore no point.  If firms cut the bull**** about shared privilege and authorization across devices there'd be a hell of a lot less of a problem too, but also much less convenience.  Oh, work from home eh?  Fine -- with a machine that is owned and controlled by the company and can't do anything else as it's nailed back into the corporate infrastructure and if you **** with it you both get fired and it's immediately disabled, with enough auditing to catch it very rapidly if you do play around.

As I've repeatedly pointed out in these pages over the last 10 or so years these problems are not THAT hard to solve but you have to put process before stupid, which nobody wants to do because, well, snowflake and diversity hires in front of merit.

Hope you don't like running water and power as eventually they'll get hit too.

Comments.......
Engineertype
Posts: 19
Incept: 2020-03-20

Granville NY
In the past few years I have worked on a few sewage treatment plant control systems. Same **** (pun intended) with them. They were all set up to allow remote access. I just tried logging into one that I worked on about 10 years ago. No problem, same password still. Some industrial systems are even worse, with direct access from the outside to the programmable logic control (PLC) running the process. A lot of the hardware is old and very few are properly backed up. A knowledgeable person could open Pandora's box pretty easily.
Asimov
Posts: 126848
Incept: 2007-08-26

East Tennessee
Quote:
with a machine that is owned and controlled by the company and can't do anything else as it's nailed back into the corporate infrastructure and if you **** with it you both get fired and it's immediately disabled, with enough auditing to catch it very rapidly if you do play around.


There are some that can manage to do this; the company I just started working from home for appears to be one. I don't even understand entirely what they've done. I was just given a little bitty thin client and told how to log in (which requires 2FA); everything was set up and waiting. Windows is running in a virtual environment and it runs through their VPN. That's about the sum total of my knowledge - and that's probably as it should be. Definitely no YouTube/Facebook/etc. accessible from there.

----------
It's justifiably immoral to deal morally with an immoral entity.

Festina lente.
Contra-2
Posts: 96
Incept: 2020-04-21

The JBS takedown, the Colonial Pipeline shutdown, the increasing number of unidentified drone flights over critical US infrastructure look like information-gathering operations and probing attacks by the Communist Chinese.
Biden and the Media are "under orders" from their Chinese overlords to pin it all on the Russians. If Biden could provoke a war with Russia, the US and Russia would beat each other to a pulp. If they took each other out there would only be one superpower left standing, Communist China.
If there's money in it for him China Joe Biden (and his buddy, Barack) will do whatever the Chinese Communists ask him to do.
Dmj625
Posts: 1566
Incept: 2010-03-01

NOLA on assignment to NOVA
Yep. My company has all of our critical business systems on a discrete network with no internet connection. I have a desktop computer that is connected to it.

For internet access, we have thin clients on a separate external facing network.


----------
Sometimes I wonder whether the world is being run by smart people who are putting us on, or by imbeciles who really mean it. Mark Twain
Cmoledor
Posts: 60
Incept: 2021-04-13

Akron Ohio
I think this is all being set up for the Cyber Polygon test run in July. Supposed to simulate cyber attacks on the supply chains. They always announce their plans. Bastards.

----------
The whole world is one big ****ing scam
Fumei
Posts: 2061
Incept: 2019-01-08


So in which state will the paint dry first and the running water run dry and the electric power grid completely fail?
Heartlander
Posts: 156
Incept: 2021-02-25

@Cmoledor

Holy crap, I had not even heard about that. We are so screwed.

I don't trust Alex Jones as far as I can throw him, but here's something from his website that is pretty chilling:

https://www.newswars.com/cyber-polygon-2....

And you're right. They do always announce their plans. That's what makes this so scary.
Hcs
Posts: 15
Incept: 2018-01-02

maryland
Technology isn't the only cure here... I have seen air-gapped systems... aka fully offline... get compromised because... people are stupid. Not only do you have to have proper network design, but the other issue I see in my consulting work all the time is they spend big on tech... but zero on training, policies, AND enforcement. All the tech in the world will not help you if you do not have the training and policies in place. It's also crucial those policies have teeth and are enforced. The third one is the one that falls to the wayside because folks do not want to be "mean" or "hurt anyone's feelings" or some other BS...

I make my living fixing issues like Colonial... sometimes folks want to prevent such messes... but that's not the case usually.
Hcs
Posts: 15
Incept: 2018-01-02

maryland
It's also exceptionally easy to make your traffic look like it's coming from Japan, or Russia, or the US, or anywhere. Attribution these days is almost always attributed to China or Russia... but I find that suspicious given the unreliability of the modern press, both print and online.
Greenacr
Posts: 269
Incept: 2016-03-15

Northern Ohio
America will probably only awake from their slumber on this after there is a major takedown of the power grid. If that happens all hell breaks loose for the period of time that the power is out.

After the JBS incident I topped off my home propane tank so that I have plenty of fuel for the whole house generator.
Whossane
Posts: 156
Incept: 2018-01-25

Who determined that it was Russian hackers? The FBI? Crowdstrike? Do we even have a federal law enforcement agency with any credibility left? Why is it that every single hack comes from Russia and none from China? I seriously doubt Smithfield Foods will get hacked.
Thelazer
Posts: 528
Incept: 2009-05-11

Davenport, Fl
Yet our elections could NEVER be hacked..... sure....
Cmoledor
Posts: 60
Incept: 2021-04-13

Akron Ohio
@Heartlander. You can bypass AJ. Just type in Cyber Polygon. Hell, they have their own web site you can read for yourself without any input from the Jones crew. I'm not a fan of his to be honest. But yeah. I've got lots of popcorn for this event. I smell something in the air. I hope I'm just crazy though.

----------
The whole world is one big ****ing scam
Tivertonian
Posts: 16
Incept: 2020-05-17

Mid Atlantic
I think the truth is this. The United States is far behind Russia and China in cyber hacking.

Everything in government is riddled with far too many processes, group think committees and lawyers. Government hires far too many admins and far too few technical people.

They measure everything 45 times and gather 600 signatures for anything they do. By then, most everything is OBE.

What's the solution? Add MORE people, layers of bureaucracy and oversight, of course! All those buildings in DC have zillions of paper pushers checking boxes and they aren't giving up anything for "the good of the country".

Now, leave the market-ticker website, and get back to your diversity, inclusion and intersectionality training. We have a training mandate and it's due by COB today. Keep your head down and follow instructions.
Tickerguy
Posts: 174197
Incept: 2007-06-26
A True American Patriot!
@Tivertonian - Meh.

As soon as you think you're the smartest person in the room, say much less the planet, you're ****ed.

If you want to survive in an adversarial world, and the world is ALWAYS adversarial, you treat it that way and you consider yourself STUPID. This in turn means you must always assume there is someone smarter and more-capable than you are, no matter the field or situation, and design for THAT reality.

----------
I don't give a flying **** if you're offended.
Geckogm
Posts: 5406
Incept: 2007-06-26

Canyon Lake

Now Scripps Hospitals is going to enhance security. Another pathetic journalistic embarrassment. Who writes this tripe? Who believes it? On another note, how much did JBS pay in ransom? Oh, and the 5 million reportedly paid by Colonial. Cough bull****.

https://timesofsandiego.com/business/202....
Captainkidd
Posts: 2524
Incept: 2010-05-25

Houston, Texas
Quote:
As soon as you think you're the smartest person in the room, say much less the planet, you're ****ed.


I have a BIL that once actually told me..
"I'm always the smartest guy in the room."

My reply: Well, that may be. There's just you and me, sitting here, and I don't know, and wouldn't swear, if I'm the smartest guy in the room. But, I know for sure I'm not the dumbest guy in the room, so I'm good with that.

----------
A lawyer with a briefcase can steal more than a thousand men with guns. --Mario Puzo

It is well enough that people of the nation do not understand our banking and monetary system, for if they did, I believe there would be a revolution before tomorrow morning. -- Henry Ford
Gianmarko
Posts: 198
Incept: 2013-03-11

Bern, Switzerland
I work with telecommunication equipment.

Everybody who works for the equipment operator, or for the suppliers, has access to the internet AND to the equipment, but things are designed properly so attacks from outside are very difficult and have not been seen so far. Plus, anything dealing with critical functions is either using proprietary software, or properly hardened and managed Linux/Unix boxes, and is usually isolated from the internet through several layers of access.
Most employees use Windows; personally I don't even know what windoze 8 and following look like.

I run an SFTP server on my home network, and it exposes a port to the outside world. They have been trying to brute force the password for 10 years, and are still trying. 90% of attacks come from China.

Captbill
Posts: 873
Incept: 2008-07-22
A True American Patriot!
Arizona's West Shore
Quote:
Hope you don't like running water and power as eventually they'll get hit too.


I believe the Holy Grail will be the power grid and I also think they are leading up to that (gas and now a meat outlet). Wait until July/August when demand is highest.

The grid is so interlinked this will be the big prize.

----------
How fortunate for governments that the people they administer don't think.
- Adolf Hitler
Tickerguy
Posts: 174197
Incept: 2007-06-26
A True American Patriot!
@Captbill - Yep. An absolute nightmare scenario is to manage to tamper with the reconnection algorithm then split off some part of the grid. The tampering deliberately ****s the reconnect algorithm so when it closes it does so 180 degrees out of phase.

The damage resulting from that would be unbelievable. Done in a number of places at once it could be catastrophic, as much of that gear is more-or-less bespoke with few spares. Nail enough of it and they can't fix it as the spares don't exist; producing those components takes months.

Exactly how bad that could get is unknown but if it happens it's not going to be fun.

----------
I don't give a flying **** if you're offended.

Flaps10
Posts: 7343
Incept: 2008-10-17

PNW
At my job YouTube is blocked, web email is monitored, etc. Thumb drives don't work and will immediately notify security if you stick one in.

We are routinely phished via email by IT and we have an internal website to see how often we fall for stupid **** and click on it. My score sheet is clean.

I have a good friend in the cattle business - specifically controlling diet via scientific methods. These animals get weighed every week and their diets adjusted accordingly. They use facial recognition software (ear tags are old school) to identify each one. I asked him if this was really a big deal, and why lack of computers would shut the industry down.

He says he has customers who bring in and distribute 3 million pounds of feed per DAY (that's a lot of damn trucks). The trucks are guided by GPS to various locations and told how much to dump at each spot.

I said "well the trucks are still coming and the animals are still bellying up to the trough, so what's the big deal?". He said they're getting it done, it's just more work.
Redjack
Posts: 566
Incept: 2018-01-29

Iowa
I used to think Alex Jones was nuts and wrong.

But he is being proved right more and more.
He was talking about Epstein a long way back.
Flaps10
Posts: 7343
Incept: 2008-10-17

PNW
I believe a lot of power grid components would be expected to ship from China. Or not.

Hmm.
Cheetah9
Posts: 130
Incept: 2021-02-15

Northern Alabama
Russia...China... Will anyone consider the ****ery out of Israel??? Or is that too hot to touch because of "god forbid" antisemitism? **** that ****!
Point being made here is Israel has turned into the global leader for network security **** and a lot more. They seem to be holding all the cards for many entities; public and private. I am a total retard in this world of tech and internet **** but I can read and put my pants on too most mornings. :)
Russia and China are no doubt involved in these hacking things but the king maker imo is not even questioned for these things OR anything else for that matter!