|
|
Here, have another upvote
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
|
|
|
|
|
Very humorous!
Get me coffee and no one gets hurt!
|
|
|
|
|
Oh stoppit!
Get me coffee and no one gets hurt!
|
|
|
|
|
Why? Do you open e-mail from people you don't know?
Did you miss the 27,000 memos, too?
99% of good security boils down to not doing stupid things.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Sounds like you fall into the second category. Good luck!
Get me coffee and no one gets hurt!
|
|
|
|
|
Kidding, right? My back-up routine falls under the military category "Mutual Support", with files flying in every direction, from every machine to every machine, in perfectly-timed relays.
It's better planned than the bus services in most cities.
I could lose two-thirds of the machines on my network without losing a file, and would only lose any important files if all the devices failed at the same time as the Internet was switched off forever.
But I'm still not so stupid as to open e-mails from people I don't know, and will only open attachments to e-mails if the person has told me in advance (through a medium other than e-mail) that he's sending me an e-mail with an attachment.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Seems you have backups under control. The problem is not emails from scumbag entities, but more: Infected websites. I NEVER EVER open emails from untrusted sources, especially if it says it has an invoice attached. However, when browsing for info on the Internet: How do you know in advance that a particular link that came up in Google is infected? I refuse to cower in a safe little corner of the Internet for fear of infection. Because of a disciplined backup regime, I can recover from an infection in a minimum of time. (So far this year I had to do it three times!)
Get me coffee and no one gets hurt!
|
|
|
|
|
Well, my Interwebs use is pretty dull, compared to most people's. I haven't done much surfing for years (mainly because 85% of what you find by surfing is better left unfound), and I never click links that have emphatic adjectives in them.
"This could cause me to have to do work that I don't want to do" is always in the back of my mind, so I always think twice before clicking almost anything.
I think I'll get a T-shirt printed with "Curiosity Killed the Computer!" (and "No, I won't Fix it for You!" on the back).
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Some of the Rasnsomware also encrypts connected and network devices too.
Like Cloud Backups.
|
|
|
|
|
Oh Golly! Do you mean that I'm going to have to stop opening attachments in e-mails from people I don't know, and stop clicking every link I see?!?
How awful!
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
You can also get hit in a "watering hole attack"
Just by going to a site you normally do and trust "If" it gets compromised.
You don't have to do anything but display the page.
|
|
|
|
|
*IF* the ransomware can encrypt foreign drives ... you could lose everything at once. The biggest danger of this situation is believing we are safe. Better to be extra paranoid.
I have burned backups of personal files to DVD-R as a failsafe. Better safe than sorry ...
|
|
|
|
|
Better make sure it's on an m-disc. Normal dvd-r's have a very finite life before the ink layer seperates from the protective layer (I've been caught before thinking my backup dvds were good). In a high humidity environment of warmer than normal temps, the avg life could be about 2 years.
|
|
|
|
|
Thanks for the tip.
I know DVD/CD media has a finite lifespan. I'm doing regular daily, weekly, and monthly backups onto secondary HD and external HD. I've been doing DVD about every 6 months (as a fail safe) but now shifting to every 3 months. Storage is room temperature (60 F to 76 F) at low humidity. Life span in this situation should not be a problem.
Given my care in dealing with the internet I *think* I'm a low risk for infection. But not no-risk, hence my paranoid backups.
The real problem is not any of us, it's everyone else who can touch our personal and professional networks.
I keep in mind that every time someone makes something idiot proof, someone else creates a "better" idiot.
|
|
|
|
|
Well, uh, all I have to do is not give the program that's doing the nasty permission to cross the network.
There's paranoid, and then there's cautious and knowing what you're doing. Do a bit of research, before going crazy with a DVD burner -- Hell, a better solution would be to back-up once a day, then air-gap the backup discs.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
In an attempt to become the most secure IT company a local IT company shut down all their computers, fired all the employees, then the CEO resigned
|
|
|
|
|
Well, that is one alternative to maintaining sensible backups!
Get me coffee and no one gets hurt!
|
|
|
|
|
I don't open links from a non-known provenance.
However these emails were quite clever in that they included the postal addresses of the people they were aimed at. This fooled a lot of people into clicking on the link.
I could imagine the next version would be hackers looking for the word 'love' at the end of an email account they had hacked, then do an analysis of the email, write a similar email with a "look at these funny cat videos" link and spoof the sender's address. This could catch out even the most battle hardened IT troopers as not many of us can resist funny cat videos from family members.
I remember the good old earlier days of the interwebs when precisely for this reason we were all recommended to switch off javascript in our browsers and never click on any links in emails.
However nowadays browser security may again be becoming an issue largely because of the predominance of javascript enabled attacks. I hope I am wrong on this front and if I am please correct me.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
|
|
|
|
|
Oh, c'mon. Do we have to Get Darth Vader to climb back into his Green Cross Man costume?
Don't open any e-mail that has an attachment without first confirming with the person who (appears to have) sent it to you, show only picture placeholders by default, and look both ways before crossing the road.
It ain't rocket surgery.
Curiosity killed the computer.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Mark_Wallace wrote: Oh, c'mon. Do we have to Get Darth Vader to climb back into his Green Cross Man costume?
I agree with what you are saying and think your previous post with the solution of having a means of replicating files is a decent way to go if you have the hardware resources.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
|
|
|
|
|
One of our customers recently opened a link from an email from his internet provider.
The link looked alright (formatted as provider.com/businessinvoice), but actually linked to some weird website from Italy.
The email was signed by the manager products and marketing (because they send invoices, apparently).
A quick Google even learned this guy wasn't director anymore, but who checks that (I'm surprised they even used an actual person's name).
It was sent to jobs@company.com, because it's totally legit that the email address for job gets invoices.
And it contained sentences like "To get more info a! bout...".
WHY THE HELL DO PEOPLE OPEN THESE LINKS!?
In this case the result was CryptoLocker, booooooom!
Mandatory Dilbert[^]
|
|
|
|
|
Did your customer pay, or was he fully backed up. Note: Most cryptolockers will encrypt even NAS devices. Backing up to a NAS is simply not enough!
Get me coffee and no one gets hurt!
|
|
|
|
|
I really don't know.
He wasn't my customer or even a customer of the team.
Just a customer of the company and someone shared the story on our internal website (with screenshot).
Come to think of it, maybe this was one of those "friend of a friend" scenario's and he really meant "me" when he said "customer"
|
|
|
|
|
They get email all the time has "VOICE MAIL MESSAGE FROM 5139756654 53sec" or randome numbers.
Inside is voice mail message.zip
In there becomes voice mail message.wav.exe
|
|
|
|