How does ransomware spread over a network?

Hi all.

My school recently suffered a ransomware attack, which resulted in them having to completely restart everything from scratch (students' work, records, etc.). This has really interested me, and I'm in the process of building a piece of ransomware myself (purely as an exercise, and obviously it's never to leave my own virtual environment).

So far it works great on a single machine - it encrypts all files in the user folder and locks the user out of the computer until payment is received.

However I'm having trouble working out how I would allow this program to spread across the network. Would the hacker responsible for the attack have to have had physical access to the server in order to encrypt everything?

There's a workaround on my school's system which allows you to elevate your local account to administrator, however this does not make you administrator of the network, just admin of that machine. Would this be of use in this application?

Honestly I really do not know how a network works on a fundamental level, so sorry if I am missing something obvious.

But thanks so much for reading, I look forward to hearing your responses.

TLDR: School became victim to a ransomware attack - could've potentially gained admin access to a machine, however it's unlikely that they had access to the servers directly. How would this have encrypted all data on the network?

submitted by /u/jackweller

from hacking: security in practice https://ift.tt/3hoguzx
