Global cyberattack stopped by 22-year-old who lives with his parents

Screenshot of ransomware attackA massive ransomware attack on Friday hit 99 countries and shut down thousands of operations, including FedEx and England’s National Health Service.  The malware took control of computers and kept them from working unless victims made a payment of $400, going up as time elapsed.  The virus had its origin in software stolen from the National Security Administration, whose security was last year.

What strikes me the most about this attack, however, is how it was stopped.  The world was saved, so to speak, by a 22-year-old blogger who never went to university and who lives with his parents.

He read reports about the attack, found a copy of the virus, and saw that the code included a domain name that was not registered.  So he registered it.  And that stopped the virus all over the world.

More details after the jump. [Read more…]

Hacking into the rest of our technology

One of those darn kids invented a monster.  It is called Shodan.  And it threatens everything connected to the internet, which is now pretty much everything:

It began as a hobby for a ­teenage computer programmer named John Matherly, who wondered how much he could learn about devices linked to the Internet.

After tinkering with code for nearly a decade, Matherly eventually developed a way to map and capture the specifications of everything from desktop computers to network printers to Web servers.

He called his fledgling search engine Shodan, and in late 2009 he began asking friends to try it out. He had no inkling it was about to alter the balance of security in cyberspace.

“I just thought it was cool,” said Matherly, now 28.

Matherly and other Shodan users quickly realized they were revealing an astonishing fact: Uncounted numbers of industrial control computers, the systems that automate such things as water plants and power grids, were linked in, and in some cases they were wide open to exploitation by even moderately talented hackers.

Control computers were built to run behind the safety of brick walls. But such security is rapidly eroded by links to the Internet. Recently, an unknown hacker broke into a water plant south of Houston using a default password he found in a user manual. A Shodan user found and accessed the cyclotron at the Lawrence Berkeley National Laboratory. Yet another user found thousands of unsecured Cisco routers, the computer systems that direct data on the networks.

“There’s no reason these systems should be exposed that way,” Matherly said. “It just seems ludicrous.”

The rise of Shodan illuminates the rapid convergence of the real world and cyberspace, and the degree to which machines that millions of people depend on every day are becoming vulnerable to intrusion and digital sabotage. It also shows that the online world is more interconnected and complex than anyone fully understands, leaving us more exposed than we previously imagined.

via Cyber search engine exposes vulnerabilities – The Washington Post.