Well, I have been gone from the forum for a couple of months. I was just focusing on year-end stuff with my clients going into December. But I thought I would have my usual downtime after the 1st. And I was totally wrong. On the 2nd of January, my biggest client was attacked via ransomware. The hacker got into their network using remote access. He infected over three million files with a variant of Dharma. It corrupted everything. Their snapshots, their backup systems. Thank God it didn't corrupt their virtual environment or their email system. Without those two pillars they would have lost their entire company. Over 600 people would have been out of work.

I don't know if you guys know much about ransomware. Most at GaG seem to be blissfully ignorant about technology/science topics. But it is nothing to play around with. This client, of course, played around with it. This was their third ransomware breach. And they simply did not address the issues they had with email and remote access.

They have had a bad email policy going back years. They should have banned free or private email usage on their computers long ago. They have a good virus scanner, but virus scanners can only protect against known threats. They also had a lousy remote access policy. They should have been using multifactor authentication years ago. But corporate folks are stupid. They are always trying to cut corners. Most of the time it is great for me, because I get to charge overtime/doubletime etc. But it isn't a good situation if the company almost goes under because of a silly ransomware breach.

For people just trying to protect their private computers, you have to stop thinking that you can protect yourself and just assume you are going to get hacked or breached at some point. So save all your critical data to USB drives or in the cloud. And when you get breached, just rebuild your computer from your OS/manufacturer installation and reinstall all your stuff. The OS, programs, games can be replaced. But your valuable data, your documents, images, photos, etc. cannot.

  MrOracle
    All data storage devices will eventually fail, so making backups is vital. That means of EVERYTHING!

    I tell my customers and my family and friends to make sure they are backing up their phones, tablets, laptops, desktops, and anything else that stores data that they don't want to lose forever.

    Still, many of them have lots of irreplaceable photos, videos, and other things on their phones and tablets that are encrypted and very easily lost for any of several reasons, and no backups.

    I have spent a considerable amount of time and money on my backup strategy, with multiple copies including off-site backups of critical data in case of a fire or other disaster. It's a hassle, but I have lost hard drives before and was able to recover, and that is worth the money and hassle every time.
    • Yeah, that is hilarious. Last year, a CEO tried to make me responsible for the data on his phone. I was like dude, it takes 30 minutes to make a backup. We recovered his data, for an additional cost.

  Smegskull
    I've run it on a test bench before to test RAID but never fallen victim to it thank god.
    • Well, it is out there. Most common vector is email. The other two times they were infected, it either came in via private account or because someone spoofed a VIP.

    Smegskull


      Also welcome back dude.

    • They are using VPN, but they had a requirement for remote desktop. And it was all because of old legacy software.

      How/why a firm of that size is using Quickbooks, I will never know. Just cheap man. Cheap, cheap, cheap. . .

      This breach cost them half a mil, easy.

  Citizenkirk
    As a precaution against anyone getting personal information that could be damaging to me, I don't make that kind of information directly accessible to anyone, period. That is, unless I have them by the metaphorical balls in the form of legal contracts, signatory paperwork, carbon copies of handwritten documentation, or images of those forcing me to use electronic signing bull-----! I have something that will hold anyone I willingly share this information with legally responsible for losing or inadvertently allowing identity thieves and electronic shysters to misuse this information for unethical, illegal purposes. I never do financial transactions over the internet or phone carrier waves. All that is done in person with handwritten documentation and receipts. No pin numbers, SSNumbers, driver's license numbers, bank account information, credit card information, gets transferred electronically. It's all done on paper, with carbon or inkjet copies. All records of transactions kept on hand at home for reference and proof of ownership and identity.
  Sixgun77
    This is why my computer is just for gaming and watching movies. If it goes down there's nothing critical on it.
    • Yeah, it is so hard to convince CEOs, that there is no way to ensure they will not be hacked again. It is only a matter of when, not if. And if you have a good plan to recover your environment and your critical data, you will be okay.

    Sixgun77

      My CD collection is on a usb drive. I only wish I could still buy games on disc and install instead of downloading.

  DiegoO
    I've noticed that business owners (at least in my area) barely invest in physical security, and they probably invest much less, or not at all, in cyber-security, which goes beyond antivirus.

    As you said, it is important to save your most valuable information with several copies and on several devices. Sooner or later anyone will either fail or get hacked.
  beldath
    Hopefully people follow the advice. Also print hard copies of photos, and important documentation.
  Exorcist_Rampage
    Exactly. People at g@g are arrogant and think it is impossible to get their account hacked. Ransomware is dangerous.
  October808
    Always back up to externals. Clouds are not foolproof. format c:\ when hit with the ransom.
    • There is no foolproof approach. There is only the one that gives you the best chance at recovering your data. Don't click on emails from accounts you do not know or have info about. If you are going to go to questionable sites, do it on a virtual machine or use a crap computer. All you can do is make the best decisions for you, your budget and the data that is important to you.

    • Nothing more foolproof than physical backups. Put it in a fireproof safe.

    • As long as they are to an external device. It's good. This client's backup server was on their network. So their backups were encrypted.

      The landing zone must be off-premise.

      Then it depends on how much data loss you can stomach.

  5J5qFH4FefUu
    Make backups just in case you get infected or have a drive failure, and use GNU/Linux so you don't get infected in the first place.
  CallMeGarth
    Good advice... Thanks for posting this.
  Joker_
    I agree

