Page 1 of 2 12 LastLast
Results 1 to 10 of 16
  1. #1
    Senior Member piroska's Avatar
    Join Date
    Dec 2017
    Location
    With Kim-Jong-Mum
    Posts
    3,332

    Default Opening Attachments

    https://www.stuff.co.nz/national/125...kato-hospitals


    “Someone opened an email attachment it was in.”

    He said there was no threat received to make patient information public, just the ransom threat, but that would not be paid.

    Sigh.
    Educate the staff.

    Have backups. And images.

    Then who cares if their is ransomware?

    When I worked for WDHB It was the most shocking, hopeless place I had ever come across for IT.
    Ex-pctek

  2. #2
    Seasoned Member allblack's Avatar
    Join Date
    Dec 2004
    Location
    The 'Nui
    Posts
    1,819

    Default Re: Opening Attachments

    Quote Originally Posted by piroska View Post
    Educate the staff.
    That's no longer an avenue of blame - these emails are getting cleverer and cleverer, and when you're busy, under the pump, 4 hours short in the day, you'll open an email to get on with life.

    Staff are educated, but

  3. #3
    Senior Member 1101's Avatar
    Join Date
    Jan 2008
    Posts
    7,274

    Default Re: Opening Attachments

    Quote Originally Posted by piroska View Post

    Sigh.
    Educate the staff.

    .
    That doesnt work. Theres allways one person.....

    Ive found that there are still so many staff in every sector with near zero PC skills .
    - unable to use a browser , or dont know what a browser is (have to tell them go into google)
    - unable to enter URL into browser adress bar
    - dont know where my docs folder is downloads folder is
    - dont know how to turn the PC on or off (yes that)
    - dont know what the desktop is or how to get to the desktop to click a shortcut I put there
    - I'd ask them 4x "did you use this password for anything else" & they dont give me a yes/no answer, just rambling dribble
    - dont know how to put a USB falsh drive stick into a USB slot, I had to make a trip onsite to do that
    - insist on opening EVERY spam email no matter how many times I tell them not to

    educate staff. Yeah right

    And its still VERY easy to click that link, especially when under job related stress . Or when expecting a similar email (eg expecting an email with courier tracking info .)
    I know of IT staff that have done it .

  4. #4
    Computer Technician wainuitech's Avatar
    Join Date
    Aug 2007
    Location
    Wellington
    Posts
    28,359

    Default Re: Opening Attachments

    Only 1 question -- WHY didn't the Antivirus and other Security catch it ?? Obviously not good enough or setup correctly.

    There should have been at least two chances to stop, 1 at the servers and 2 at the desktop PC.

    If set up correctly the security would have stopped it dead even when clicking a link or opening a file.

    Just listening to the article the guy ( Kevin Snee) is asked that exact question -- Talk about a Errrrrr I dunno answer LOL

    The presenter is hammering him
    Last edited by wainuitech; 19-05-2021 at 09:59 AM.

  5. #5
    Senior Member 1101's Avatar
    Join Date
    Jan 2008
    Posts
    7,274

    Default Re: Opening Attachments

    Antivirus doesnt allways catch it . Ive had ransomware get past many brands of AV , incl NOD .
    There are products that claim to stop ransomware ( monitoring disk/file access I think) , but will those products stop new variants ?
    There are also services that will strip out links in emails , for analysis & require users to jump through some hoops to get access to those links. But that costs money.

    I's bet the real reason would have been a lack of funds for implementation of the required Anti Malware/security systems . And possibly creaky old PC's & severs ?

  6. #6
    Senior Member baabits's Avatar
    Join Date
    Sep 2009
    Location
    too far away
    Posts
    340

    Default Re: Opening Attachments

    Quote Originally Posted by wainuitech View Post
    Only 1 question -- WHY didn't the Antivirus and other Security catch it ?? Obviously not good enough or setup correctly.

    There should have been at least two chances to stop, 1 at the servers and 2 at the desktop PC.

    If set up correctly the security would have stopped it dead even when clicking a link or opening a file.

    Just listening to the article the guy ( Kevin Snee) is asked that exact question -- Talk about a Errrrrr I dunno answer LOL

    The presenter is hammering him
    I wonder what kind of file it was.

    Most that I've seen lately is macro enabled documents with the whole "This document is protected so click enable macros on the security prompt to read it" bullcrap.

    We disabled macros completely through GPO and it seems to have dealt with it nicely.

    For everything else a nice stamp on the top of the email saying this is an external message through Exchange rules works nicely, and staff training to check if that stamp is there before opening any attachments.

  7. #7

    Default Re: Opening Attachments

    Yesterday the Herald said it was caused by someone putting a usb drive into the parking pay thing, or something equally odd. Watch the blame game begin.

  8. #8
    Senior Member piroska's Avatar
    Join Date
    Dec 2017
    Location
    With Kim-Jong-Mum
    Posts
    3,332

    Default Re: Opening Attachments

    Quote Originally Posted by wainuitech View Post
    Only 1 question -- WHY didn't the Antivirus and other Security catch it ?? Obviously not good enough or setup correctly.
    :
    Because of what they use, mainly.

    And being busy isn't an excuse............I've never opened an attachment, at work or otherwise, because I'm busy...
    Ex-pctek

  9. #9
    Bleakly Optomistic
    Join Date
    Jun 2006
    Location
    Otaki, NZ
    Posts
    1,562

    Default Re: Opening Attachments

    Quote Originally Posted by 1101 View Post
    That doesnt work. Theres allways one person.....

    Ive found that there are still so many staff in every sector with near zero PC skills .
    - unable to use a browser , or dont know what a browser is (have to tell them go into google)
    - unable to enter URL into browser adress bar
    - dont know where my docs folder is downloads folder is
    - dont know how to turn the PC on or off (yes that)
    - dont know what the desktop is or how to get to the desktop to click a shortcut I put there
    - I'd ask them 4x "did you use this password for anything else" & they dont give me a yes/no answer, just rambling dribble
    - dont know how to put a USB falsh drive stick into a USB slot, I had to make a trip onsite to do that
    - insist on opening EVERY spam email no matter how many times I tell them not to

    educate staff. Yeah right

    And its still VERY easy to click that link, especially when under job related stress . Or when expecting a similar email (eg expecting an email with courier tracking info .)
    I know of IT staff that have done it .
    Quote Originally Posted by baabits View Post
    I wonder what kind of file it was.

    Most that I've seen lately is macro enabled documents with the whole "This document is protected so click enable macros on the security prompt to read it" bullcrap.

    We disabled macros completely through GPO and it seems to have dealt with it nicely.

    For everything else a nice stamp on the top of the email saying this is an external message through Exchange rules works nicely, and staff training to check if that stamp is there before opening any attachments.
    The ones that slip through here, are the ones that ask you to click a poisoned link (NZ post, Westpac, Trade me, facebook, apple, google) thankfully the security at work doesn't allow external links except ones authorised. Funnily enough, this forum was authorised about 15 years ago

  10. #10
    Bleakly Optomistic
    Join Date
    Jun 2006
    Location
    Otaki, NZ
    Posts
    1,562

    Default Re: Opening Attachments

    Quote Originally Posted by piroska View Post
    https://www.stuff.co.nz/national/125...kato-hospitals


    “Someone opened an email attachment it was in.”

    He said there was no threat received to make patient information public, just the ransom threat, but that would not be paid.

    Sigh.
    Educate the staff.

    Have backups. And images.

    Then who cares if their is ransomware?

    When I worked for WDHB It was the most shocking, hopeless place I had ever come across for IT.
    The thing about this 'conti' one, is it's great at turning backups off etc before making itself known. Scary stuff. wait for the release of all the patient info.

Similar Threads

  1. Attachments not opening.
    By Cicero in forum PressF1
    Replies: 3
    Last Post: 18-11-2012, 07:32 PM
  2. Opening attachments.
    By Cicero in forum PressF1
    Replies: 13
    Last Post: 30-12-2009, 08:00 PM
  3. opening attachments
    By galeforce in forum PressF1
    Replies: 9
    Last Post: 02-11-2003, 04:37 AM
  4. Attachments opening
    By heaton in forum PressF1
    Replies: 5
    Last Post: 15-05-2003, 12:03 PM
  5. Opening Graphic Attachments
    By willbry in forum PressF1
    Replies: 11
    Last Post: 12-11-2002, 04:56 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •