
New ransomware threats have cost US companies over a $1 mil since late last year..

Posted by LSUAlum2001
Stavro Mueller Beta
Member since Aug 2003
48581 posts
Posted on 9/13/19 at 10:16 am
Most of these threats come from Russia, North Korea and China.

1. Hackers infiltrate a company's security and install ransomware into their system.
2. Ransomware encrypts the entire system with military grade encryption.
3. Hackers demand 15-20 bitcoins to decrypt their files. If no payment within 2 weeks, the entire network is deleted.
4. Up-to-date virus protection is successful to prevent this, but most are not up-to-date.

A Louisiana corporation was hit with this virus recently.

What a corporation will see once it has occurred..



LINK
Posted by castorinho
13623 posts
Member since Nov 2010
87550 posts
Posted on 9/13/19 at 10:18 am to
quote:

over a $1 mil since late last year
That's it?
Posted by LSUAlum2001
Stavro Mueller Beta
Member since Aug 2003
48581 posts
Posted on 9/13/19 at 10:19 am to
quote:

That's it?


They keep the ransom low so insurance will cover it.

Most ask for $300K or less.
Posted by Y.A. Tittle
Member since Sep 2003
110964 posts
Posted on 9/13/19 at 10:19 am to
Posted by Space Cadet
Member since Sep 2019
446 posts
Posted on 9/13/19 at 10:24 am to
I worked at a company that got hit with one, they paid out like punks. Should have held strong.
Posted by HoustonGumbeauxGuy
Member since Jul 2011
33526 posts
Posted on 9/13/19 at 10:24 am to
Some folks on here probably like hearing they’ve been penetrated
Posted by N2cars
Member since Feb 2008
39652 posts
Posted on 9/13/19 at 10:25 am to
Way low.


It is much higher than that.
Posted by Tempratt
Member since Oct 2013
15199 posts
Posted on 9/13/19 at 10:25 am to
What happened to off-site backups; cloud or DLT OR LTO tapes in a vault. I
Posted by jdd48
Baton Rouge
Member since Jan 2012
23790 posts
Posted on 9/13/19 at 10:27 am to
What's sad is issues like this can (mostly) be prevented with a little common sense and pretty basic network security practices.
Posted by Jon Ham
Member since Jun 2011
29691 posts
Posted on 9/13/19 at 10:29 am to
I don’t understand how this stuff isn’t traceable. It shouldn’t be that easy to get away with.
Posted by Pechon
unperson
Member since Oct 2011
7748 posts
Posted on 9/13/19 at 10:29 am to
quote:

It is much higher than that.


Yuuuuup.

It's sad that there are a lot of organizations, especially in healthcare, that just pay the ransom. The thing is, there's no guarantee you'll get your data back if you do pay.
Posted by Codythetiger
Arkansas
Member since Nov 2006
30436 posts
Posted on 9/13/19 at 10:30 am to
I'd imagine they are using a botnet behind a proxy
Posted by N2cars
Member since Feb 2008
39652 posts
Posted on 9/13/19 at 10:31 am to
It is a big reason I hate Bitcoin.

Bitcoin makes this all very easy for them.
Posted by Tdot_RiverDawg
Member since May 2015
1730 posts
Posted on 9/13/19 at 10:31 am to
Andy Mitton is ballsy, puts his email out there for the world to see.
Posted by Centinel
Idaho
Member since Sep 2016
46169 posts
Posted on 9/13/19 at 10:32 am to
You know how you defeat 99.9% of ransomware?

Patch your fricking endpoints.

There, I saved you millions.
Posted by BottomlandBrew
Member since Aug 2010
29905 posts
Posted on 9/13/19 at 10:34 am to
We got hit with one a little while back. All we had to do was nuke the server and restore the backup that's run every 15 minutes. We lost maybe half a day of work and whatever people had stored on their local machines, which wasn't much. Not a bad outcome. Not a great outcome. It would be better if the old people in my office could more easily recognize malicious emails.
Posted by GetCocky11
Calgary, AB
Member since Oct 2012
53509 posts
Posted on 9/13/19 at 10:41 am to
quote:

The thing is, there's no guarantee you'll get your data back if you do pay.


If the hackers want to maintain their scheme, it is better if they do restore the data.
Posted by SG_Geaux
Beautiful St George, LA
Member since Aug 2004
80695 posts
Posted on 9/13/19 at 10:42 am to
It is WAY more than that when you count lost productivity
Posted by jdd48
Baton Rouge
Member since Jan 2012
23790 posts
Posted on 9/13/19 at 11:13 am to
quote:


You know how you defeat 99.9% of ransomware?

Patch your fricking endpoints.

There, I saved you millions.



Don't give any users domain admin rights or local admin rights (if possible). If you absolutely have to give local admin rights to a certain user, make sure it's with a different account than their everyday account, and make sure the local admin password across every endpoint is different.
This post was edited on 9/13/19 at 11:15 am
Posted by td1
Baton Rouge
Member since Oct 2015
3177 posts
Posted on 9/13/19 at 3:20 pm to
1 stop it at the firewall with atp and other next gen firewall services

2 stop it at a web filter between the users and the firewall

3 stop it with a good spam filter

4 stop it with least access and an endpoint security suite (not just antivirus)

5 have a strictly enforced security policy in place and required user training on a yearly basis.

6 at least quarterly send emails regarding the latest threats and tips to avoid them. Also include refresher info contained in the user training

7 have backups and a modern backup system. Ours backs up critical data hourly, non-critical data and easily reproduced data nightly. Retain several years' worth of said backups; with a modern dedup backup system that should not be too difficult. We keep five years.

8 have a disaster recovery plan and test it frequently.

This post was edited on 9/13/19 at 3:22 pm