Good Sam Community

wa8yxm wrote:
How do big systems get infected.. Cats (Well that's one way) Yes Cats.
Suzie over at her secretary's terminal downloads a cute little TSR that has a cat walking across the top of any page opened in Windowed Mode... Or Bob, he downloads a cute cat video so as to impress Suzie cause he likes her and knows she likes cats.. Or Harry (Real person) Downloads a Clown Photo (He really did) that is infected

All on the company system... Note I left off Harry's last name.. That one got me eventually. I did get rid of it however.

Think that could even infect White House Computers.......

'cause POTUS likes cats, doesn't he?..:W..:B

~

How do big systems get infected.. Cats (Well that's one way) Yes Cats.
Suzie over at her secretary's terminal downloads a cute little TSR that has a cat walking across the top of any page opened in Windowed Mode... Or Bob, he downloads a cute cat video so as to impress Suzie cause he likes her and knows she likes cats.. Or Harry (Real person) Downloads a Clown Photo (He really did) that is infected

All on the company system... Note I left off Harry's last name.. That one got me eventually. I did get rid of it however.

Before you cast aspersions on those CIOs, it's not uncommon for those institutions to be saddled with applications that are dying, dead and unsupported. If you think they don't get budget for networking, they sure as heck don't get budget to migrate off legacy applications.

I'm told that you can still find MUMPS based systems in hospitals.
IIRC MUMPS is about 50 years old...

1492 wrote:


So many hospitals get crypto ransomware as they fail to upgrade from unsupported OS such as WIN XP. Running an updated AV is no insurance, security patches adding additional layers of protection. In large enterprise environments, it only takes one employee to be fooled into clicking an infected link, and encrypting not only their local drives, but network attached drives. All because some CEO decides it unnecessary to allocate funds to protect their network.

And when it happens (not if), IT gets the blame and the CEO and execute staff still gets their bonus. The board and executives aren't interested in long term cost (old OS cost a lot to maintain), they're interested in up front savings.

that's my fight annually, to justify a measly few 100 grand for IT from a multi million dollar enterprise operating budget.

MEXICOWANDERER wrote:
I understand it's affected only XP systems.

But I do not know how large institutional XP got infected. The virus is supposed to only load if a link is clicked.

How did so many systems get fooled?

Not just WIN XP, but Vista and Windows 8. So long as you did routine WIN 7 and WIN 8.1 updates, you should have been fine.

So many hospitals get crypto ransomware as they fail to upgrade from unsupported OS such as WIN XP. Running an updated AV is no insurance, security patches adding additional layers of protection. In large enterprise environments, it only takes one employee to be fooled into clicking an infected link, and encrypting not only their local drives, but network attached drives. All because some CEO decides it unnecessary to allocate funds to protect their network.

Moved from Forum Technical Support

wgriswold wrote:
I back up wirelessly to a hard drive. So the drive is connected to my password protected router and visible on my network. Could a virus get to it?

More than likely, yes, it is vulnerable. The wireless drive probably shows up as a network server share, and cryptolocker viruses do search those out and infect them.

I back up wirelessly to a hard drive. So the drive is connected to my password protected router and visible on my network. Could a virus get to it?

Windows XP(and 7)update
eternal blue update

Microsoft has issued a FIX for the problem for free for all XP and windows 7 users.

Make sure you have windows update installed and set to automatically download and install updates.
This should prevent infection
You could/should run something like malwarebytes or window malicious removal update to see if you are infected.

OFFLINE backups are key. Many cryptolocker virus look for things like USB drives that folks backup to, but leave connected all the time, and will scramble those backups as well.

The key is to take a backup (or snapshot) and then disconnect the drive, or use a program that stores and protects snapshots automatically. I don't know the consumer grade stuff but use Quest Rapid Recovery at the office. It protects about 6 terabytes of data with hourly encrypted snapshots. It's saved the enterprise's bacon more than once.

On my personal machines I use a cloud snapshot service - that wouldn't be much help to you with a troubled Internet connection.

How current are your backups?

You DO have backups, right?