[AusNOG] Ransomware...

Robert Hudson hudrob at gmail.com
Fri Sep 23 14:11:55 EST 2016 

On 23 Sep 2016 8:25 AM, "Skeeve Stevens" <skeeve+ausnog@
eintellegonetworks.com> wrote:
>
> This is from the perspective of someone who hasn't been held to ransom

Wrong. I have been hit at work where I am responsible for the IT systems
(to the point where I can lose my job, and thus ability to support my
family.  We recovered files without paying the ransom

> had their business at risk

Wrong. A family business has also been hit. We got hit at home too, with
documents encrypted that are worth way more to me than any company or
business document.  Again, we recovered files without legitimising the
business model of ransomware authors/attackers.

> and had no other choice.

Wrong.  Three strikes and you're out?  You're really not very good at this
baseless assumption thing, are you...

> The few here who say they wouldn't pay are the same... wait till it is
your only choice.

There is always another choice.  Being prepared is a major part of that
choice.

If you are storing business-critical documents without adequate protection
from a well documented style of attack that has existed in the wild for
years now, I would argue that you're not very good at this business thing,
and your failing to plan is really planning to fail.

A criminal has decided to attack your business, and upon breaching your
initial defenses, found you to be vulnerable. Someone with the ethics to
take that path is now holding your data to ransom, promising to release it
if you pay them some money via a path that makes it virtually impossible to
trace them. And never to bother you, someone who already proved that will
give up money if threatened, again.

Now, I don't pretend to understand the throught processes of such people.
But a target, I choose to trust people who have acted in that particular
fashion as far as I can throw them.

All the advice I get from people who I trust in matters such as this is
that I am doing the right thing.


Regards,


Robert
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160923/e1a7748a/attachment.html>

More information about the AusNOG mailing list