To anyone working in the field, it will come as no surprise that almost half of the 1600 businesses and consumers in the survey quoted at The Inquirer have been the victim of a ransomware attack. What will come as a disappointment to you is that 70% of those who were infected paid the the ransom, 25% of them between $20,000 to $40,000. Shockingly the majority of those who paid the ransom got nothing back; after all how could someone who makes money by purposefully infecting machines not honour their word?
If you are infected with ransomware you have lost the data, pure and simple. Reimage and move on, this is why you have backups. It is painful and frustrating but if you pay the bitcoins you are not going to get anything back and are encouraging them to continue by making this a lucrative business. Just as it is with spam, it takes only a tiny percentage to fall for it to make it profitable. Go and back your stuff up, twice. If you need a stocking stuffer for someone get them an external drive or a subscription to an online backup service, look into CryptoDrop or a similar program. Just don't give them bitcoins
"The report suggested that as many as 46 per cent of the respondents had been affected by ransomware and that 70 per cent of these had admitted to paying the ransom, contrary to the advice of law enforcement agencies."
Here is some more Tech News from around the web:
- AMD's New Ryzen CPU – SMT and IPC @ [H]ard|OCP
- Microsoft releases Skype Mingo, its ultimate Android chest-burster app @ The Inquirer
- No envy for NVMe: Hardened newbie talks to the Reg @ The Register
- Microsoft's Edge to flush Adobe Flash in Windows 10 Creator’s Update @ The Register
- Building a Coder's Paradise Is Not Profitable: GitHub Lost $66M In Nine Months Of 2016 @ Slashdot
- Macbook seized or stolen? But you've set a FileVault password, right? Ha, it's useless @ The Register
- Zero-Days Hitting Fedora and Ubuntu Open Desktops To a World of Hurt @ Slashdot
- Bluestar Linux: A Beautiful Take on KDE and a User-Friendly Arch-Based Distribution @ Linux.com
- Fedora 25: With Wayland, Linux has never been easier (or more handsome) @ Ars Technica
- TR's 12 days of giveaways: sign up here for a chance at some gear @ The Tech Report
Probably the creators of the
Probably the creators of the Popcorn Time ransomware agree, so they offer the chance to take the key for free by infecting two other computers and hoping their owners to pay. Nice ransomware. It doesn’t only check if you are stupid, but also if you are a pathetic piece of s…..
yeah, everytime I read that
yeah, everytime I read that someone pays the ransomware i get frustrated. I would already recommend people not pay the ransomware even if the ransomers had a history paying. But this is rediculous.
For business it’s just
For business it’s just pathetic that they wouldn’t have 3-2-1 backup plan, that’s just get what you get type stuff.
It’s the home users that get fucked that pisses me of every time. I have heard story after story about people paying wayyyyyy too much (or anything at all for that matter) just to get their 1tb of stuff unlocked, whether they get it back or not. They talk about their photos that have such sentimental value, yet they never printed any out. Perhaps if you’re daughters wedding photos are that important maybe they should be in a photo album or frames, not sitting on a 5 year old spinning rust hard drive inside your off brand laptop you got at future shop.
They talk about their past homework, essays, film projects ect as if these are important documents necessary to archive for the basic survival of the species.
The biggest douches (i’m specifically talking about one old friend) talk about old games that they have lost the disks for, and while they may or may not ever play them again they deserve the option to.
Oh and that one dude who lost his napster mp3 collection as if it was some unique never replaceable master compilation of the greatest musical examples of humanity’s greatness.
Basicaly the only reason the’s “kidnapping” pieces of garbage get so much ransom in the first place is because people over value their bits and bytes yet do nothing to protect their stuff.
3-2-1: 3 copies, 2 different mediums, 1 off site.
Backups are grand. But if an
Backups are grand. But if an organization truly wanted to be immune to such nonsense they’d have a base/generic image installable via net/pxe boot environment allowing for bare metal to operational in <= 30min. Everything of import would be on some fs with snapshot support. I have everything my clients care about on a zfs based NAS (raidz2) with varying frequencies of snapshots depending on the expected turmoil of the data. 5min is the most frequent. In the case of such an infection it's a some matter of executing the dr01d that caussed/started the infection and then rolling back to the last clean snapshot. WINNING!
As much as I hate that it
As much as I hate that it ever works, I kind of understand the value proposition to the casual consumer: it wouldn’t occur to many to spend the time/money on backups up front, and it’s only when facing the data loss that they decide it’s worth the $200 (or at least that’s what my cousin was asked for.)
But for a business who puts a value above $40,000 on their data and who has employees who can be assigned to implement a backup regime, to have not done that…. wow.
Agree with you. Getting angry
Agree with you. Getting angry at gen-pop for not knowing a proper way of backing up their data is expecting way too much.
Most people who arent tech savvy just dont have the knowledge or know how to how important it is to have multiple backups, lets alone the concept of ransomware.
Different story for business though.
Also a fine mess of words
Also a fine mess of words there…
No backups and you are
No backups and you are playing Russian Roulette with your business!
Also Adobe Flash is one of the biggest pawning vectors out there so get rid of that also! No Flash payer detected is a good thing for security! It’s best to not view any live stream events that force a Flash Player install, just wait for the event to be encoded in HTML5 versions!