[AusNOG] The Ransomware to come
James Hodgkinson
yaleman at ricetek.net
Sat May 13 13:59:26 EST 2017
Security is normally talked about with regards to Confidentiality,
Integrity and Accessibility. Encryption, Cryptography (and other methods
for Non-repudiation) and Service availability are all very much in the
class of "solved problems" for those that care, and in many cases solved
on behalf of those that don't.
Leaving local file sharing services open to the internet, not patching
critical vulnerabilities (nearly two months to the day) and wondering
why things get onto your network? Anyone that doesn't build a roof over
their head is going to get wet when it rains. That's not even having
your pants on the right way around at this point.
Every current operating system has a host-based firewall which is either
on by default or easy to enable. SSL's entirely free, and unless you go
out of your way to turn off updates or these other systems, then you're
fine. I know a couple of environments which haven't patched, but the
only way for this to hit them is for a bunch of other simple-to-implement-but-hard-to-
bypass controls to be manually disconnected.
What security could we build into the protocol that isn't already in
the layers available? I'd love to know, so I can start helping to
make it work.
James
On Sat, 13 May 2017, at 12:31, Paul Wilkins wrote:
> In light of today's ransomware attack, (74 countries/with demands
> translated in 28 languages), I'm tempted to take a step back and take
> a longer optic on the gap between what the internet was meant to be,
> and what exists today. The OSI model which built the net was built on
> implicit trust between each layer and the one above. It was never
> anticipated that in a couple of milliseconds, a few hundred packets
> from Kazakhstan could span the globe to hard drives around the world,
> and a ubiquitous operating system would then lock up people's data
> with hard cryptography.> You don't even need to play Cassandra to realise there's a genuine
> risk sooner or later, someone will sign a driver (ala Stuxnet), and
> significant portions of the global internet population will lose their
> data. Actual costs could run to billions of dollars. Unfortunately it
> will likely take an event of such magnitude before there's broad
> recognition that the trust model of the internet built on ipv4 is
> fundamentally broken, and we need a new network protocol that supports
> integrated security, and this would be a more worthwhile exercise than
> replacing ipv4 with ipv6.>
> Kind regards
> Paul Wilkins
> _________________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20170513/d3386b0c/attachment.html>
More information about the AusNOG
mailing list