To discuss this news :
https://www.aviation24.be/airlines/tnt-air ... ked-liege/
100 trucks, 40 flights canceled, 100.000 packages delayed.
Some comments :
- it's not a cyber attack, it's simple malware (throwing 5 stones in the sky and hitting randomly 3 people is not an attack in my eyes, it's certainly not targetted)
- the vulnerability used was patched by microsoft long ago and for those who didn't want to patch there were known alternatives
- Most anti malware software block the attack (Symantec knows about variants of Petya from 2016 and could protect its clients for example)
- TNT seems be the the only airline impacted and one of 5 companies impacted in BE
=> conclusion : it's one of those things that happen in Belgium but shouldn't.
TNT blocked by malware
Moderator: Latest news team
TNT blocked by malware
My messages reflect my personal opinion which may be different than yours. I beleive a forum is made to create a debate so I encourage people to express themselves, the way they want, with the ideas they want. I expect the same understanding in return.
Re: TNT blocked by malware
TNT says it is affected worldwide, not only in Belgium. How can you be sure that the virus hit in Belgium first, and not inn Holland, England or Germany?
And maybe it is not a cyber-attack (although all media, also international ones, refer to it by this word), but it is certainly worse than a normal malware: it's a ransomware with sophisticated codes to hide the destination of the money to be paid in bitcoins!
And maybe it is not a cyber-attack (although all media, also international ones, refer to it by this word), but it is certainly worse than a normal malware: it's a ransomware with sophisticated codes to hide the destination of the money to be paid in bitcoins!
André
ex Sabena #26567
ex Sabena #26567
Re: TNT blocked by malware
You can't know. But it's not that important where it started, the first is as vulnerable as the last. The mess is wide.TNT says it is affected worldwide, not only in Belgium. How can you be sure that the virus hit in Belgium first, and not inn Holland, England or Germany?
Worldwide issue then much better.
yes, same things as 6 weeks ago.And maybe it is not a cyber-attack (although all media, also international ones, refer to it by this word), but it is certainly worse than a normal malware: it's a ransomware with sophisticated codes to hide the destination of the money to be paid in bitcoins!
i guess they'll change the vocabulary after 600 times over 10 years
But don't forget, as exceptional as it may sound, "attacks" are a daily matter and only a few entreprise failed today.
Now, aside of each other opinions, we can talk facts:
1. TNT does not patch windows vulnerabilities
2. TNT does not have an anti malware system (or at least not an efficient one)
3. Since it's using the same vulnerability, we can say TNT got luckily through wannacry 6 weeks ago and got less luck with this one (the new seems to be more sophisticated, that could explain why, but it doesn't cancel point 1 and 2)
(far from aviation, true)
My messages reflect my personal opinion which may be different than yours. I beleive a forum is made to create a debate so I encourage people to express themselves, the way they want, with the ideas they want. I expect the same understanding in return.
Re: TNT blocked by malware
I would call spraying around with a machine gun and hitting whatever random people or objects you're hitting an attack, not simply a weapon.Acid-drop wrote: ↑28 Jun 2017, 15:26 To discuss this news :
https://www.aviation24.be/airlines/tnt-air ... ked-liege/
100 trucks, 40 flights canceled, 100.000 packages delayed.
Some comments :
- it's not a cyber attack, it's simple malware (throwing 5 stones in the sky and hitting randomly 3 people is not an attack in my eyes, it's certainly not targetted)
About two months isn't that long. See https://www.rapid7.com/db/vulnerabiliti ... -2017-0199- the vulnerability used was patched by microsoft long ago and for those who didn't want to patch there were known alternatives
Happened in the Netherlands (big impact on Maersk and other companies active in harbour and transport), and all around the world as well. Target was probably Ukraine (timed one day before a national holiday over there), but once malware is spreading, it doesn't stop at borders.- Most anti malware software block the attack (Symantec knows about variants of Petya from 2016 and could protect its clients for example)
- TNT seems be the the only airline impacted and one of 5 companies impacted in BE
=> conclusion : it's one of those things that happen in Belgium but shouldn't.
For a deeper technical dive: https://tweakers.net/reviews/5539/inter ... ecies.html
-
- Posts: 3059
- Joined: 24 Jun 2006, 08:34
- Location: Vl.Brabant
- Contact:
Re: TNT blocked by malware
@Acid_drop: thanks for inside insights and comments. I did wonder why none of my Unix boxes seemed to be affected!