Ransomware is nothing to play with.

Master Age: 51

Well, I have been gone from the forum for a couple of months. I was just focusing on year-end stuff with my clients going into December. But I thought I would have my usual downtime after the 1st. And I was totally wrong. On the 2nd of January, my biggest client was attacked via ransomware. The hacker got into their network using remote access. He infected over three million files with a variant of Dharma. It corrupted everything. Their snapshots, their backup systems. Thank God it didn't corrupt their virtual environment or their email system. Without those two pillars they would have lost their entire company. Over 600 people would have been out of work.

I don't know if you guys know much about ransomware. Most at GaG seem to be blissfully ignorant about technology/science topics. But it is nothing to play around with. This client of course, played around with it. This was their third ransomware breach. And they simply did not address the issues they had with email and remote access.

They have had a bad email policy going back years. They should have banned free or private email usage on their computers long ago. They have a good virus scanner, but virus scanners can only protect against known threats. They also had a lousy remote access policy. They should have been using multifactor authentication years ago. But corporate folks are stupid. They are always trying to cut corners. Most of the time it is great for me, because I get to charge overtime/doubletime etc. But it isn't a good situation if the company almost goes under because of a silly ransomware breach.

For people just trying to protect their private computers, you have to stop thinking that you can protect yourself and just assume you are going to get hacked or breached at some point. So save all your critical data to usb drives or in the cloud. And when you get breached, just rebuild your computer from your OS/manufacturer installation and reinstall all your stuff. The OS, programs, games can be replaced. But your valuable data, your documents, images, photos, etc. cannot.

Post Opinion

12 Opinion

8 likes

Most Helpful Opinions

MrOracle Follow
Master Age: 54

+1 y
399 opinions shared on Technology & Internet topic.

All data storage devices will eventually fail, so making backups is vital. That means of EVERYTHING!

I tell my customers and my family and friends to make sure they are backing up their phones, tablets, laptops, desktops, and anything else that stores data that they don't want to lose forever.

Still, many of them have lots of irreplaceable photos, videos, and other things on their phones and tablets that are encrypted and very easily lost for any of several reasons, and no backups.

I have spent a considerable amount of time and money on my backup strategy, with multiple copies including off-site backups of critical data in case of a fire or other disaster. It's a hassle, but I have lost hard drives before and was able to recover, and that is worth the money and hassle every time.

0

1 Reply
- RolandCuthbert
  
  +1 y
  Yeah, that is hilarious. Last year, a CEO tried to make me responsible for the data on his phone. I was like dude, it takes 30 minutes to make a backup. We recovered his data, for an additional cost.
  
  Reply

Most Helpful Opinions

Smegskull Follow
Yoda Age: 34

+1 y

I've run it on a test bench before to test RAID but never fallen victim to it thank god.

1

11 Reply
- RolandCuthbert
  
  +1 y
  Well, it is out there. Most common vector is email. The other two times they were infected, it either came in via private account or because someone spoofed a vip.
  
  Reply
- Smegskull
  
  +1 y
  VPN?
  
  Also welcome back dude.
  
  Reply
- RolandCuthbert
  
  +1 y
  They are using VPN, but they had a requirement for remote desktop. And it was all because of old legacy software.
  
  How/why a firm of that size is using Quickbooks, I will never know. Just cheap man. Cheap, cheap, cheap. . .
  
  This breach cost them half a mil, easy.
  
  Reply
- RolandCuthbert
  
  +1 y
  Oh and thanks!
  
  Reply
- Smegskull
  
  +1 y
  Cheap cheap cheap and yet every company is still running Windows OSs.
  Everything important to me is on a password locked read only partition. I get this is impractical for company networks but you should at least have a rollback clone in that case.
  
  Reply
- RolandCuthbert
  
  +1 y
  Well, they are going to need to invest in cloud storage. I have put together a proposal using a cloud provider and Veeam Backup software. They are not fully virtualized yet. They need to get that done.
  
  I am more happy to charge them up the butt for that.
  
  :D
  
  Not sure we will win this bid though.
  
  Reply
- Smegskull
  
  +1 y
  You think they will go for the old hard backup method? 600 employees that's gotta be petabytes of data.
  
  Reply
- RolandCuthbert
  
  +1 y
  No. And it is only terabytes at this point. They are lucky in that half of those folks are parttime remote staff, so they don't have much beyond email. That's why it was a blessing that email was intact. But I hope I win this bid. It is expensive, but it will do the job. They can backup their virtual environment almost every single hour. Then ship daily copies up to the cloud. It gives them an offsite footprint for DR in case there is an issue.
  
  Reply
- Smegskull
  
  +1 y
  Good for you.
  I work with databases and am in constant fear of something like this. Thankfully they are all remote access SQL so there is little chance of ransomewere running on it... That said it is on a partition on a server so all it would take is something that ignores partitions like a fake firmware update and just holds the entire server unit or heck the full facility if they're unlucky.
  
  Reply
- RolandCuthbert
  
  +1 y
  We actually had two SQL servers get infected. Dude I don’t know Jack about SQL. But once I got it reinstalled it was easy to mount the databases. Luckily, their applications were not too complicated. They were able to get back in and start working again. They really need to start using multi factor.
  
  Reply
- 5J5qFH4FefUu
  
  +1 y
  RAID is not a backup.
  
  Reply

SecretGardenBlood65 Follow
Explorer Age: 32

+1 y

Good take

1

0 Reply

What Girls & Guys Said

Opinion

Citizenkirk Follow
Guru Age: 54

+1 y

As a precaution against anyone getting personal information that could be damaging too me, I don't make that kind of information directly accessible too anyone, period. That is, unless I have them by the metaphorical balls in the form of legal contracts, signatory paperwork, carbon copies of hand written documentation, or images of those forcing me too use electronic signing bull-----! I have something that will hold anyone I willingly share this information with legally responsible for losing or inadvertently allowing identity thieves and electronic shysters too misuse this information for unethical, illegal purposes. I never do financial transactions over the internet or phone carrier waves. All that is done in person with hand written documentation and reciets. No pin numbers, SSNumbers, drivers license numbers, Bank account information, credit card information, gets transferred electronically. It's all done on paper, with carbon or inkjet copies. All records of transactions kept on hand at home for reference and proof of ownership and identity.

1

0 Reply
DiegoO Follow
Guru Age: 34

+1 y

I've noticed that business owners (at least in my area) barely invest in physical security, and they probably much less or not invest at all in cyber-security, which goes beyond antivirus.

As you said is important to save your most valuable information with several copies and on several devices. Sooner or later anyone will either fail or get hacked.

0

0 Reply
Sixgun77 Follow
Explorer Age: 47

+1 y

This is why my computer is just for gaming and watching movies. If it goes down there's nothing critical on it.

1

2 Reply
- RolandCuthbert
  
  +1 y
  Yeah, it is so hard to convince CEOs, that there is no way to ensure they will not be hacked again. It is only a matter of when, not if. And if you have a good plan to recover your environment and your critical data, you will be okay.
  
  Reply
- Sixgun77
  
  +1 y
  My CD collection is on a usb drive. I only wish I could still buy games on disc and install instead of downloading.
  
  Reply
beldath Follow
Xper 6 Age: 44

+1 y

Hopefully people follow the advice. Also print hard copies of photos, and important documentation.

1

0 Reply
October808 Follow
Explorer Age: 51

+1 y

Always back up to externals. Clouds are not foolproof. format c:\ when hit with the ransom.

0

3 Reply
- RolandCuthbert
  
  +1 y
  There is no fullproof approach. There is only the one that gives you the best chance at recovering your data. Don't click on emails from accounts you do not know or have info about. If you are going to go to questionable sites, do it on a virtual machine or use a crap computer. All you can do is make the best decisions for you, your budget and the data that is important to you.
  
  Reply
- October808
  
  +1 y
  Nothing more foolproof than physical backups. Put it in a fireproof safe.
  
  Reply
- RolandCuthbert
  
  +1 y
  As long as they are to an external device. Its good. This client backup server was on their network. So their backups were encrypted.
  
  The landing zone must be offpremise.
  
  Then it depends on how much data loss you can stomach.
  
  Reply
Exorcist_Rampage Follow
Yoda Age: 30

+1 y

Exactly. People at g@g are arrogant and think it is impossible to get their account hacked. Ransomware is dangerous.

0

0 Reply
5J5qFH4FefUu Follow
Xper 1 Age: 21

+1 y

Make backups just in case you get infected or have a drive failure, and use GNU/Linux so you don't get infected in the first place.

0

0 Reply
CallMeGarth Follow
Xper 6 Age: 51

+1 y

Good advice... Thanks for posting this.

1

0 Reply
Joker_ Follow
Master Age: 20

+1 y

I agree

1

0 Reply

The only opinion from girls was selected the Most Helpful Opinion, but you can still contribute by sharing an opinion!

Home > Technology & Internet > myTakes > Ransomware is nothing to play with.