During the last hours the name of WannaCry has been commented on in many media and places. The reason: being the ransomware that has forced Telefónica and other major companies in Europe to shut down their computers. Last Friday the spread and collapse of Telefónica's computers was known due to the operation of the WannaCry ransomware. Since Telefónica is a company specialized in telecommunications, in a matter of hours, malware spread to major companies in Europe, including banks, hospitals and Telefónica's domestic users.
The crisis reached such a point that Telefónica itself sent an email to everyone asking them to please turn off their computers and disconnect the Wi-Fi network from their devices. A real computer crisis that many have pointed to as the biggest of the year. But What would have happened if Telefónica used computers with Gnu / Linux? Would the same thing have happened?
The number of memes and jokes that have come out around the use of Windows and WannaCry have been as popular as the news and the problem itself. However, changing the operating system would not have changed things. WannaCry is a ransomware that as it runs it encrypts the entire hard drive and it shows a screenshot where it informs you that if you want the data you have to pay for it.
This ransomware works on Windows computers, that is, all infected computers have a Windows operating system. But the biggest problem with WannaCry, as I see it, is no longer its operation but its propagation. A spread that it would not have been avoided if Telefónica used another operating system.
WannaCry is a ramsonware that works on Windows but would also have been stopped in its tracks if users had upgraded their computers. Microsoft recently released a security patch that prevented WannaCry from working. Apparently not everyone updates their computers.
In short, having used Gnu / Linux would not have prevented Telefónica from spreading WannaCry and it would also face problems. Now, one thing is true, their computers would continue to work. Currently, Telefónica's computers are down and many workers cannot work. This is something that will continue to happen this week in many companies because according to EuroPol, WannaCry attacks will continue to be present. Using another operating system such as Mac OS would not have changed things much either, WannaCry uses a javascript script, a technology that is present in all operating systems, including Androd, Gnu / Linux and iOS.
Table of Contents
So how can I save my WannaCry team?
If you have Windows, the best thing to do is update the operating system with all the security packages that are available for our version; the second step would be to use a backup system and make a backup of our data before it is too late and finally update our antivirus and security systems. If we want to make a backup of the hard drive, Clonezilla is a great free and Open Source tool that will help us with this.
In the case of Gnu / Linux, it is advisable to update the operating system with the latest packages and updates, since normally all distributions quickly upload patches and security packages to solve these problems.
How to update our Gnu / Linux system
A good option is create a script for the operating system to update and put this script on login so that every time the computer is turned on it is updated with the latest versions. To do this, we open gedit and write the following:
#!/bin/bash sudo apt-get update sudo apt-get upgrade
We save it with the name "update.sh" and then we put it in Login Applications. Thus, when we start our session, we will be asked for the root password to update the operating system. And with that the operating system will be updated.
While we have said that Gnu / Linux does not support WannaCry, why do all this? Simply because WannaCry has versions for all operating systems. Windows is an operating system found on many home computers and on major business networks. But the second most used system in servers is Gnu / Linux. A system that is in many servers of many companies and institutions; the Internet of Things is also being created with Gnu / Linux systems and mobiles use the Linux kernel. That is the Linux version of WannaCry will be the next thing we see. That is why it is important to update our operating system.
Personal opinion on the matter of Telefónica
Any computer controversy is quickly led to the confrontation of operating systems. It is something that we cannot avoid. And in many cases, When it comes to security above all, Gnu / Linux is always the winner. Its operation is quite restrictive, even for the owner himself. What makes Gnu / Linux not as affected by attacks like WannaCry as in other operating systems.
Telefónica surely would not have had the same problems with Gnu / Linux as with Windows, neither would have had them if their operating systems were up to date. But in any case, Linux, Windows or Mac, WannaCry has not been avoided and will continue to exist on the Internet, a threat that will be present for those who do not update their computers or forget to do an updated installation.
So what I get out of all this, what I should get out of all this, is that our operating system we always have to keep it updated since they continue to exist and there will be evils that will annoy our data and our equipment. However Has Telefónica learned its lesson?
Image - Michael
34 comments, leave yours
I am sorry to disagree about your post, nothing would have happened to Telefónica if it used Linux, WanaCrypt0r 2.0 or WanaCry uses a flaw in SMB 1 communication systems to spread through windows networks, the other flaw it has is that it acts with the registry of windows and skips the system administrator and encrypts the files not the operating system, I fully agree that if they had been updated this would not have happened to them, What is not conceivable is that a company like Telefónica does not have its systems updated or uses systems more secure like linux. in gizmodo, hypertextual, and xataka they explain how RAMONWARE works as RTVE says;)
In addition, the article contradicts itself, on the one hand it says that if they had used GNU / Linux they would not have been infected and then it goes and says that the Operating System does not matter ...
It is true I do not think that this bug works in GNU / Linux even using javascript somewhere since the javascript in this system is very secure, for example we cannot create files on the hard disk, however windows does allow creating files on the disk for the language extensions introduced by microsoft.
Not that, and according to what you say in the article, this ransomware only affects some non-updated versions of Windows, if Telefónica had not had Windows computers without updating or they had used a different operating system, they would not have been affected.
It seems to me something strong that in 2015 I warned him on his own blog and advised a very simple measures to prevent this disaster.
http://www.elladodelmal.com/2015/05/como-eliminar-algun-ransomware.html?m=1
All the best
It would have happened that the bosses would not have been able to pocket the sum of $ that bill gates provides to these public and non-public companies when they do their European tour.
RAMONWARE?
Just to add ...
Do you know Chema Alonso?
He ensures that windows is as secure as Linux and explains many things that happen in the world of security, I recommend his lectures (YouTube). By the way, he works for telefonica haha
With Linux, nothing would have happened, for various reasons, but there is a simple one among them: usually in Linux, we do not use a user with permissions to encrypt / encrypt the hard drive, so nothing would have happened.
ubuntu! = linux, advice is appreciated, but the script you put is ubuntu / debian only
But how will GNU / Linux and Mac be affected by exploiting a WINDOWS vulnerability?
In all these years I have not yet heard ONE CASE of someone who has had his computer encrypted with these systems, theories that say that a few can happen.
I've seen morons recommending disabling Windows updates for years now, then complaining.
And how does a Windows worm run on Linux?
Your hypothesis is valid only if the worm can run on Linux (or there is an infected Windows PC with access to the files).
For me, a 100% Linux scenario is invulnerable to this particular attack, because it is for a specific platform.
Why do you call Ubuntu or Debian Gnu / Linux? Well, the script that you propose to have the system updated in Gnu / Linux, only works for Ubuntu or Debian or derived from those operating systems. I don't understand that mania for reducing Gnu / Linux to those distributions, as if they didn't exist anymore. Unfortunately that happens in many of the blogs on the Internet, when we all know that there are many more. Please let's start telling it like it is.
I see that whoever wrote this article is not very clear about what he says. In fact, he doesn't have much idea what he's talking about either. This malware is not compatible with Linux, nor with Mac, nor with many versions of Windows. Only unpatched versions of XP were vulnerable. And you always had to enlist the help of a clumsy one to execute an attachment to an email message, which seems to have been the distribution method used to launch the malware.
Very good In telfonica linux is used. There is a fact that you do not comment and it is vital. Servers. In a corporate environment, windows or linux are used depending on the service to be implemented and its technology. A decent company with only Linux or only windows is nothing.
It is logical to assume that the damage is in the computers / servers mounted in a network with the resource to which the worker connects, not the end computer. It platform and au.
On the other hand, there are also ransomware for Linux, and if that had been the case, the damage could have been greater.
The wannacry will affect whether or not the equipment is patched.
The propagation method is the only interesting thing. It was a 1day. But there are other methods of propagating the smb.
Conclusion.
This article leaves a strange taste in my mouth.
Edu
"On the other hand there are also ransomware for linux." Yes, only the "small" problem of the permission of the root files remains. No normal user can encrypt the root partition as such. In any case, the files belonging to the user running the malware will be encrypted. To encrypt boot you have to have root permissions. Try it as a normal user to see if you get it. »$ Gpg -c / boot«. Try to see what happens.
And now the best: «and if it had been the case, the damage could have been greater»… how? What?… God!… Skynet would have connected surely. In the supposed case that there were linux computers, the damage would be the same in the worst case, since they would handle the same data. Or does linux have the power to unleash the apocalypse?
Hey, I'm the one from before ^^ hee
It is too early and I had not understood the post very well. re read I see I said what you said.
If you want, don't post me :)
Linux apologies
I dare you to manage to infect a network with wannacry without any windows pc. You can't be more wrong with this article….
To report the post. This is not misinformation, it is not having a damn idea of what happened.
Telefonica HAS NOT CONTAGED ANYONE. And less to users and other companies. Even within Telefonica, the infection has been minimal.
The propagation is by samba. Obviously Telefonica does not use this protocol other than between the PCs of its intranet. With a few PCs connected, as a prevention, workers were instructed to turn off their workstations to prevent spread, hence everything was turned off, not because everything was infected. And the effect on any other company or individual is from another source, not contagion from Telefonica
Salu2 to the ICT of Manresa
Hello. I am the 1st time that I intervene in this forum, although I follow it assiduously.
I have created the script, I have saved it in my personal folder and I have included it in applications at startup. However it does not run on startup-restart, have I saved it wrong?
Forgive me, but I'm just an ubuntu user and I'm not fluent in scripts.
Thank you very much.
That script will not work for you because it runs from the user and needs the password. Which is not going to ask you unless you alias sudo to a desktop version like gksudo or kdesudo, or you directly modify the above script and make it load one of these versions with gui.
It would also modify the upgrade by adding the option "-y", otherwise it will also be waiting for an order.
Well, it is not that Telefónica has little Linux precisely
It was precisely the computers that ran gnu / linux of the few that were not infected.
A corrupted Linux virus like this (and previous ones) has not yet been created.
And that is why, among other things, it already has almost 100% servers.
I don't think a massive cyberattack on Linux is close, and even less with a virus.
Those of us who do not use MS WOS on the desktop (Linux (es), Mac OS or FreeBSD) IF WE ARE SAFE. To say that "allomejó" invents something bad in the future, is FALSE EQUIVALENCE.
And someone writes this, gamer, who after time in dual boot, and even in times of XP migrated to GNU / Linux 100% fed up with the viruses that once a year no matter how cautious they were forced to reinstall the system.
Just having “Chema Alonso” as an external security advisor leaves a lot to think about Telefónica's “IT Staff”, they are definitely on the street !!!
No offense, did Microsoft pay this page to make this post? It would be interesting to know, because in various portals there are "articles" (unfounded speculation, I would say) where they try to put the same (wrong) idea into our heads: "with GNU / Linux the same thing as Windows would have happened."
Anyone who wants an example of the garbage and lies that can be written, can read this: https://www.xataka.com/seguridad/ni-linux-ni-macos-te-salvaran-del-ransomware-la-condena-de-windows-es-su-popularidad
It is very curious that a page dedicated to "Linux" (when are we going to start calling it GNU accordingly?) Publishes this kind of writing, which seems to have been written with the intention of leaving Microsoft and its spy operating system in the best possible position, mediocre and completely disastrous in terms of security.
Do not lie to people, with GNU / Linux malware would not have spread, there would not even be infections. If you are going to advertise Windows, put up a banner.
regards
Ispiriux, don't mind that script, don't mess up your makina with those scripts, modern distributions and yours use aptd and it will notify you when you have updates. If you want to make them manual, give your dash and put update.
Neither case that addicted linux addicts, seems more like junk addicts.
dok, newsages, thanks for your suggestions. I think I will pay attention to the 2nd. XDDDDDDDDDDDDDDDDDDDDDDDD
"WannaCry has versions for all operating systems" and then you say, "That is, the version of WannaCry for Linux will be the next thing we see." They were? Is there a Linux version or are you working on it? Is it a forecast or a wish? Regrettable.
Stop making and running scripts to automate system updates. Simply updating the system regularly through the package manager is sufficient. Some systems like Ubuntu, Manjaro or Antergos have their own updaters that notify you of package updates. Seeing what updates are there before updating can save you more of a headache especially when you handle rolling release distros that don't get along very well with the graphics card you have installed. The graphical environment will thank you. And above all, nothing to run scripts whose origin and effects on the system are unknown. Especially when they ask for root permissions. This is not windows, is it colleague?
Linux is not only debian and derivatives (apt upgrade), I also think the post is not relevant, there are many contradictions, I agree with the comment about samba (which is the means by which the ransomware spread in the INTRANET of telefonica ) Better check out Chema's blog. Also this space is for linuxeros and not WindCRYos blog: http://www.elladodelmal.com/2017/05/el-ataque-del-ransomware-wannacry.html
I really do not understand this misinformation ... I join all the previous comments. The first thing the virus affected non-updated versions of Windows, as they say out there, I have heard many "technicians" disable system updates ... and on the other hand, from what I see on the computers I review, the majority of common users It is not that I update the systems properly ... I have found windows with 200 or 300 pending updates ....
The second thing is that Gnu / Linux would not have been affected in the same way, since to touch the "System files" you have to be root and no user who has Linux normally executes anything as root unless they are going to be touched. system configurations (which is not usual), so the infection would surely have been much less if you had this system.
Companies should take these things more into account when implementing systems, and train their employees in the safest technologies for their data, not by putting the "easier" they save on costs (licenses have to be paid for), then comes the virus with the sales….
70% of the internet is Unix / linux,
The argument that it is little used is a fallacy,
greetings.
https://w3techs.com/technologies/history_overview/operating_system