Bitcoin is traceable. Most obfuscation techniques like tumbling make it more tedious, but they can be traced by the a government entity if the need is there.
Also, I highly doubt it was a targeted attack. Most likely ransomware was clicked on by someone in the organization.
I’m always skeptical of generic rules like always use a VPN. Doesn’t it matter what the situation is ? I’m in a rural area and I have my wifi strength set pretty weak to the point where somebody would need to be standing right outside my house to snoop. When in more public situations, I don’t do sensitive stuff on wifi.
I also live in a rural area but due to the setup of my house and office I have to keep the signal as strong as I can get it, I even have to use extenders. I have seen people park vehicles along the road, and pull out there computers or tablets. Anytime I see that I asume they are trying to find a free WIFI connection or one they can use their software on to break into WIFI systems.
The First thing I do when I have a new WIFI unit to install is to change the admin name, passwords, I also set my wifis to use hidden names, and I make my passwords as hard as possible, or if the WIFI allows I use the extreme passwords and the concept that the device, as to request a connection to the wifi router then I have to give the permission from the router control or website for the device, I always disable guess networks. and I also use VPN anytime that we have to make a connection to any bank accounts, or any other accounts that require use to give any personal information.
IT/Networks engineer here. Regarding VPNs: Please always remember that a VPN service is just somebody else’s computer. Ask yourself, do you trust the provider to not intercept or monitor the traffic? Was the risk of the VPN provider being compromised by an adversary also considered? Commercial VPN providers to me sound like a nice way to put all the interesting traffic into one nice easy place where it’s susceptible to interference be it from adversaries or government. I don’t want to go fill tin-foil-hat, but I always feel like a blanket “use VPN” might not always be great security advice.
Personally, the only VPN I use is the one that I set up myself, terminating to a router in my house as I can trust both the client (my laptop) and the server side. This does however require trusting your upstream ISP to not be doing anything bad, and I get that not everyone will want to spend the time setting this sort of thing up.
A ton of stuff that can be done. I like this website: https://routersecurity.org/
I know it’s impossible to truly be secure, but if I do a few things to make it more challenging, the bad guys will go looking for easier targets.
They look for the easy victim unless it is someone or some business they truly find challenging
A VPN won’t generally stop you being hacked or hit by ransomware - you can download nasty stuff perfectly well and very securely through a VPN. It just stops anyone between you and your VPN provider seeing what you’re doing. But if you’re only going to secure https (padlocked) sites then your traffic is encrypted anyway - a VPN will only stop an evesdropper seeing which sites you visit.
How to Geek has an excellent article on why it doesn’t do any real good to hide your SSID.
I stopped hiding my SSID name. I also run my home network as a “public” network and only make connections to specific other computer/printers on the network on an ad hoc basis (I rarely ever print anything out these days). Running your home network as a public network is more secure than running it as a private network with relaxed security between devices. And if one checks the advised Norton Security firewall settings, Norton recommends running as a public rather than a private network.
Don’t count on distance as a protection. Truly dedicated hackers can use a very high gain antenna that can pick up your Wi-Fi signals from 1 to 2 miles away. My English in-laws kept using WEP encryption out of laziness well into 2011 and the following NY Times article helped convince them to switch to WPA2:
(but I think this article also advises hiding the home router SSID! - see previous post by me in thread).
I do use WPA2. I can’t even “see” my network from the road, although I can see 2-3 neighbor’s networks. I’m only running a 5 ghz network. I didn’t think it would go “miles.”
TP Link 5 Ghz Outdoor CPE - boosts 5 Ghz transmission to 15 km but probably requires device on both ends and clear line of sight.
Amazing that you can get that kind of range for that low of cost. I guess it might be possible for somebody to detect signal from a mile or two away, but why go to all that hassle when there are others in the neighborhood that are much easier to detect. I’m like the guy with a companion running from a bear–I don’t have to outrun the bear–just my companion.
I have and older computer that has a working DVD player that I run a linux firewall from the dvd. The linux firewall has instructions in it that causes a reboot any time that a hack or any type of sign comes in to the front of the firewall that is not a normal firewall process. And also it reboots every 12 hours. It isn’t fool proof but it is normally more than enough for a home network.
Perhaps you’ve heard of the hackers that found out where some military workers in Texas like to get lunch and got access to their computers through a hacked Chinese menu the workers downloaded to their computers. Another computer was infiltrated through a fish tank filter connected to WiFi.
Weren’t they wearing their tinfoil hats?
There was a neighbor who purchased a new wireless printer that has Wi-Fi. He didn’t secure his new printer. The hacker across the street detected the new printer via Wi-Fi and sent a word document saying:
I am your printer
I am self-aware.
The neighbor panicked and put the printer in a black garbage bag and put it on the driveway curb outdoors. The hacker picked up the new printer for free!
Terost… This is fantastic!!! And awful!!!
That is pretty funny but I am putting my boots on or should I say waders.
On the contrary, it makes a lot of sense because they probably don’t have nearly as much security as financial institutions but still can be ransomed.