by Anonymous Coward writes:
on Friday March 16, 2018 @06:03PM (#56272325)
Virtually every attorney I know gets emails at least once a week specifically targeted to them and most have had their firms hit at some point in the past. One firm I know paid the $50K, got the key, canceled the payment (stupid), was immediately hit again because they had of course left back doors, and had to shell out $150K the second time.
What!? You mean you don't automatically needlecast your D.H.F. every 48 hours to a secure location. It's almost like you're asking to get your data lost to ransomware.
Re: (Score:2)
Same here; Mom had her own CPA business for a while (she moved; this didn't actually ruin her business) and their servers with all their client data got encrypted. Didn't realize for months because it was slowly encrypting things over time starting with the oldest files first. By the time they realized they were months behind the last good backup as they had been backing up encrypted files. I don't believe anyone asked for a ransom so not actually "ransomware" but it was a shitty virus at the very least :/
Cowboy Neal (Score:3)
I don't dare to hit the vote button cause you never know what will happen when clicking random clickbait on the internet.
Re: (Score:1)
It's a Unix system. I know this!
LINUX (Score:1)
=NO
All it takes is someone with network share access (Score:1)
These things encrypt everything they can get their hands on. In our case, someone opened an attachment from "FedEx" and it encrypted a business-critical network share. We restored from backups within an hour and life went on, with a thoroughly-embarrassed employee now very aware of why you don't open email attachments.
Re: (Score:2)
We did the same sort of thing when the Code Red [wikipedia.org] virus hit our company. *NIX admins started finding the signature URLs in our logs. We'd turn over the source IP addresses to the Windows admins for cleanup. But often they'd just deny that the identified machines were running IIS*. So we took a couple of Linux systems and added a cgi script to the Apache configuration matching the virus target. When hit, it would send a win pop-up message to the source to the effect that their machine had been infected, was br
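The log triage this comment describes, as an added example that is not part of the original post: it scans Apache access-log lines for the Code Red request signature (`/default.ida?` followed by a long run of `N`, or `X` for Code Red II) and lists the source addresses to hand over for cleanup. The common log format, the minimum filler run of 50 and the sample lines (documentation-range addresses, shortened requests) are assumptions constructed for the example.

```python
import re

# Apache common log format prefix: host ident user [time] "request" status ...
LOG_RE = re.compile(r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) ')
# Code Red requested /default.ida with a long filler run in the query string:
# 'N' in the original worm, 'X' in Code Red II. The minimum run of 50 is an
# assumption chosen here to ignore short, unrelated queries.
SIG_RE = re.compile(r'^GET /default\.ida\?(?P<fill>N{50,}|X{50,})')

def scan(lines):
    """Return {source: {"hits", "variants", "first", "last"}} for signature requests."""
    hosts = {}
    for line in lines:
        entry = LOG_RE.match(line)
        if not entry:
            continue  # malformed line: skip rather than guess at fields
        sig = SIG_RE.match(entry["req"])
        if not sig:
            continue
        variant = "Code Red" if sig["fill"].startswith("N") else "Code Red II"
        rec = hosts.setdefault(entry["src"], {"hits": 0, "variants": set(),
                                              "first": entry["ts"], "last": entry["ts"]})
        rec["hits"] += 1
        rec["variants"].add(variant)
        rec["last"] = entry["ts"]
    return hosts

def cleanup_list(hosts):
    """Sources ordered by hit count, ready to hand to whoever owns the machines."""
    return sorted(hosts, key=lambda src: (-hosts[src]["hits"], src))

def _line(src, ts, req, status=404):
    return f'{src} - - [{ts} +0000] "{req}" {status} 283'

# Constructed sample log (documentation-range addresses, shortened requests).
SAMPLE_LOG = [
    _line("192.0.2.10", "19/Jul/2001:14:02:11", "GET /default.ida?" + "N" * 224 + "=a HTTP/1.0"),
    _line("203.0.113.5", "19/Jul/2001:14:02:30", "GET /index.html HTTP/1.1", 200),
    _line("192.0.2.10", "19/Jul/2001:14:09:47", "GET /default.ida?" + "N" * 224 + "=a HTTP/1.0"),
    _line("198.51.100.7", "05/Aug/2001:03:15:02", "GET /default.ida?" + "X" * 224 + "=a HTTP/1.0"),
    _line("203.0.113.5", "05/Aug/2001:03:16:40", "GET /default.ida?NNN HTTP/1.1"),
    "truncated line with no request field",
]

if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for src in cleanup_list(found):
        rec = found[src]
        print(src, rec["hits"], sorted(rec["variants"]), rec["first"], "->", rec["last"])
```

Recording first and last timestamps per source gives the owning team evidence that is harder to dismiss than a bare address.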
click on "no"... (Score:1)
click on 'no' and a little pop-up shows: "now you have"
Different answer if asked on a legal site (Score:3, Interesting)
That is why (Score:3)
Re: (Score:2)
So that's a "yes" from you, then?
No, but thanks for the backup reminder (Score:3)
Just plugged in my external drive and kicked off the first backup of 2018. Yes, tut, tut...
Re: (Score:3)
Eh, just get a RAID. Then it'll be always running.
You know what they say, RAID is a backup!
Re: (Score:2)
I run unRAID, which is a *type* of RAID, right? All my shares are Read-Only at the server level, except an "incoming" folder where I put stuff that ultimately needs to be moved around. If I got hit by ransomware, they could certainly do some damage, but 95% of the server is untouchable.
Re: (Score:2)
Yeah but if I was writing some nasty shit ransomware then I think I'd also want my code to attack any backups too right?
You just can't beat the old hard drive in the desk drawer that you plug into your USB when you can be arsed/remember/slashdot reminds you.
No, (Score:1)
My VAX system is completely secure, only I still know how it works.
Re: (Score:2)
This is also why Apple equipment rarely gets hit!
Re: (Score:2)
This is also why Apple equipment rarely gets hit!
That is security by rarity. What kind of idiot uses Apple networks nowadays?
Re: (Score:3)
"My VAX system is completely secure ..."
Not anymore. http://www.zdnet.com/article/m... [zdnet.com]
"Mission-critical system alert: 40-year-old OpenVMS hit by exploitable bug ... The OpenVMS bug affects systems running on VAX and Alpha processors ... The vulnerability affects all versions of VMS and OpenVMS dating back to version 4.0, when it was just called VMS."
Yes, but... (Score:3)
It was on a Windows install on a dual OS machine, and I didn't need the Windows installation. There wasn't even any valuable information on the install to steal, so I just rebooted into Linux and blew away the Windows partition. The only scary thing about the incident is I have no idea how the machine got infected - I barely ever used Windows to begin with and didn't have any recollection of doing anything "shady".
I was, but... (Score:2)
missing options (Score:1)
Where's the, "I haven't had ransomware personally, but I've had to fix it for my friends," option?