The computer "started to shake"

mmj_uk said:
Why don't they just pay the money? or do the ransomware scammers just take your money and run? Anyone stupid enough to run a random executable shouldn't be working for the council.
Click to expand...

Apart from being a bad idea.

Do you think they have the ability to know how to buy and use Bitcoins even with instructions when they can't even do a basic backup. :D
 
Rroff said:
Probably had some kind of bitcoin type malware bundled which caused the CPU and GPU fans to spin upto max.
Click to expand...

I'm guessing a council office computer isn't going to have a dedicated gpu and won't be that powerful. Even with the cpu fan maxed out and even if it did have a gpu I can't see that causing the pc to shake unless it was sitting on 3 legs maybe :)
 
Cheap case with old hard drive suddenly going full going full encryption mode would make a lot of write head movements so could make it rattle.

I <3 my silicone HDD grommets. :)
 
Sasahara said:
Cheap case with old hard drive suddenly going full going full encryption mode would make a lot of write head movements so could make it rattle.

I <3 my silicone HDD grommets. :)
Click to expand...

I <3 my SSDs :) Waiting on the price of those lovely 2TB ones to come down a bit.
 
ZeroG said:
I'm guessing a council office computer isn't going to have a dedicated gpu and won't be that powerful. Even with the cpu fan maxed out and even if it did have a gpu I can't see that causing the pc to shake unless it was sitting on 3 legs maybe :)
Click to expand...

Intense fan vibration could be misconstrued as shaking
 
Malevolence said:
Not woken up and your coffee yet, or just not feeling too smart today?
Click to expand...

If there's a chance they will get the unlock code then why not. I'm guessing these ransomwares are a few hundred pound and most councils probably throw more than that away on a minute by minute basis anyway.
 
Any decent sys admin (I am one!) worth their weight would make sure a .exe file would never get through to the mailbox. When talking about users, assume they know nothing/brain dead and need protecting from themselves.
 
mmj_uk said:
If there's a chance they will get the unlock code then why not. I'm guessing these ransomwares are a few hundred pound and most councils probably throw more than that away on a minute by minute basis anyway.
Click to expand...

Why encourage more ransomware? It exists because people pay. If people didn't pay there would be no point.
 
Sasahara said:
Cheap case with old hard drive suddenly going full going full encryption mode would make a lot of write head movements so could make it rattle.

I <3 my silicone HDD grommets. :)
Click to expand...

I remember a couple of my old machines would "shake" if the hard drives were busy.
Full towers with thin metal panels and as this was back in about 2000-2004 no such things as rubber grommets on the drive trays (I think the Sonata in about 2003 was the first mainstream case to have that feature), the panels would just start vibrating due to the drives and it was noisy and noticeable as movement on the panels.

I can quite imagine a cheap officer computer that's been kept going due to budget cuts having a similar problem,
 
Pawnless Endgame said:
Fixed.

It's basic IT to know the difference between a PDF and an EXE and those disguised "PDF.EXE" extensions. The full filename shows up on Outlook! I can see for myself and I have one eye only and about 10% vision left in my eye, so it's bloody no excuse for people with normal vision! :mad:
Click to expand...

I get loads sent to me from County on my NHS.NET account but according to another thread PDFs can be infected.
This last week I had to get IT involved because somebody had hijacked my old UHNS account that still works and I've been getting emails returned with angry people but I can't see what the hijacker originally typed.
 
That's a bog standard ransomware/cryptolocker attack.

If they had proper backups in place they could have fixed the issue with a few hours, maybe a day or 2 if offsite tapes were needed.

Computing 101.

Oh and to say the email shouldn't have gotten through - even the best email filter systems can't catch everything, some of the emails look VERY convincing and only after a 2nd or 3rd look are they obvious as being not genuine...

Send enough emails to enough employees in enough companies and someone is bound to click on one, the general awareness of end users is... lacking somewhat, most of the time :rolleyes::mad:

The solution is to have a robust back up system in place, looks like they found out the hard way....
 
Ransomware used to be the bane of my life at work. :p

Thankfully I haven't had a call about it for a long while...
 
TallPaul_S said:
That's a bog standard ransomware/cryptolocker attack.

If they had proper backups in place they could have fixed the issue with a few hours, maybe a day or 2 if offsite tapes were needed.

Computing 101.

Oh and to say the email shouldn't have gotten through - even the best email filter systems can't catch everything, some of the emails look VERY convincing and only after a 2nd or 3rd look are they obvious as being not genuine...

Send enough emails to enough employees in enough companies and someone is bound to click on one, the general awareness of end users is... lacking somewhat, most of the time :rolleyes::mad:

The solution is to have a robust back up system in place, looks like they found out the hard way....
Click to expand...

Surely any decent system would block all .exe files, even if inside .zip files?

Users are usually the weakest link in any system.
 
ZeroG said:
Surely any decent system would block all .exe files, even if inside .zip files?

Users are usually the weakest link in any system.
Click to expand...

Sounds like they didn't have a decent system ;) But even if they did, there's a simple reason some will slip through.

We block all .zip files (and .exe files, obviously), but the emails won't ever have a .exe attachment sitting there, as this will be blocked by any basic mail security program (and the scammers know this). They'll have the attachment appear to be a .zip file or pdf/word/excel document or similar and the malicious file will be be disguised as these or be embedded in the document.

A popular one is an invoice email with a .xlsx attachment. Or a delivery notification from "DHL" with a PDF attached.

The .zip file blocking is actually slightly annoying at times as we can't send files we know to be genuine but the there's a reason for it, so it's not a big deal.

At the end of the day, companies need to have regular staff training, along the lines of "Don't open something if you don't know what it is!!!!!" :D and have a proper backup system in place, then when this happens, it can be fixed easily.

I speak as someone who works in IT, we've had to deal with the aftermath of cryptolocker attacks which have encrypted thousands upon thousands of files - these have all been fixed by the next day and only a few hours work lost in every case. Why? because of a robust backup system :D
 
Last edited:
Pawnless Endgame said:
Yeah users.

We say PICNIC: problem in chair, not in computer.
Click to expand...

Yup. God I hate users.

It's great when a good portion of the people you speak to on the phone can't remember their password after the weekend, or don't know where the start menu is, or call to say 'all my emails have dissapeared!!!' then you shadow their session, and click on the little white triangle next to their mailbox, and suddenly you're a genius... :rolleyes::p:o:mad:
 
You must log in or register to reply here.
Back
Top Bottom