re: We were hacked today - Ransomware

Posted by tigerpawl
Can't get there from here.
Member since Dec 2003
22290 posts
Posted on 11/20/18 at 9:18 am to
quote:

which luckily about a year ago we spent a small fortune on our backup solution.
$49 for a backup app; $149 8TB External Hard Drive. Peace of Mind: $$Priceless.
Posted by Trauma14
Member since Aug 2010
5810 posts
Posted on 11/20/18 at 9:19 am to
$7k upfront cost + $600/mo for 12 months = $14,200

VS.

$11k ransom

Hmmm?
Posted by RebelWithACause
Jackson
Member since Nov 2010
1269 posts
Posted on 11/20/18 at 9:25 am to
quote:

Your IT company should be fired immediately for not using BitLocker and AppLocker. They are free MS apps and easy to manage


BitLocker isn't going to help prevent this. Haven't used AppLocker, not sure about that one.
Posted by jmarto1
Houma, LA/ Las Vegas, NV
Member since Mar 2008
33934 posts
Posted on 11/20/18 at 9:28 am to
I'd go nuts if I was held ransom like that. We have a contracted company and I back up certain folders every night. Thankfully I have only needed it for dumbass employees
Posted by jcole4lsu
The Kwisatz Haderach
Member since Nov 2007
30922 posts
Posted on 11/20/18 at 9:50 am to
quote:

$49 for a backup app; $149 8TB External Hard Drive. Peace of Mind: $$Priceless.

Unless you are unplugging that USB external device after the backup, you haven't protected a fricking thing. These ransomware attacks gain elevated privilege and encrypt EVERYTHING they have write access to.

There is a whole lot of ignorance going on in this thread.
Posted by Tigeralum2008
Yankees Fan
Member since Apr 2012
17134 posts
Posted on 11/20/18 at 10:18 am to
quote:

I'm not familiar with AppLocker, but BitLocker is only going to protect drives that are locked (at rest), though the whole Secure Boot apparatus protects against rootkits and tampering with boot files. BitLocker's not going to help if someone downloads a program that proceeds to do its own encryption of their BitLocker-encrypted files on an unlocked volume.


Agreed. I mentioned BitLocker in my post because it goes along with AppLocker in my basic security setup for all client devices. It's the initial 1-2 punch for us.

AppLocker essentially prevents non-admin users from running any .exe files unless that file is on a whitelist.
This post was edited on 11/20/18 at 10:31 am
Posted by WikiTiger
Member since Sep 2007
41055 posts
Posted on 11/20/18 at 10:18 am to
nm
This post was edited on 5/21/20 at 2:29 pm
Posted by philabuck
NE Ohio
Member since Sep 2008
10379 posts
Posted on 11/20/18 at 10:22 am to
If people are dragging and dropping their files onto a USB device, sure. Would be fine if the backup is encrypted.

About ten years ago we moved to centralized storage for all domain PCs. Makes backups much easier to maintain since nothing is stored on the client.
Posted by Tigeralum2008
Yankees Fan
Member since Apr 2012
17134 posts
Posted on 11/20/18 at 10:30 am to
quote:

What is going to happen to that employee? If they aren't fired then you are doing your company a great disservice. One of the biggest issues I have seen in IT is that negligent users rarely suffer any consequences, and without consequences then this stuff will continue to happen.


We hold regular trainings and incentivize our users to report phishing attempts. I make sure to have IT security briefly mentioned in nearly every staff meeting. Real world examples often have the desired effect of bringing ITSEC to the front of their minds

Posted by Spock's Eyebrow
Member since May 2012
12300 posts
Posted on 11/20/18 at 10:31 am to
quote:

If people are dragging and dropping their files onto a USB device, sure. Would be fine if the backup is encrypted


If you can write to a drive, it’s at risk. I’m not sure people are understanding that encryption doesn’t mitigate this.
Posted by Weekend Warrior79
Member since Aug 2014
16370 posts
Posted on 11/20/18 at 10:57 am to
I know you were joking, but there are no guarantees that they will give you back everything once they have the $11k, and no guarantees that they won't target you again.
Posted by StraightCashHomey21
Aberdeen,NC
Member since Jul 2009
125410 posts
Posted on 11/20/18 at 12:58 pm to
quote:

$7k upfront cost + $600/mo for 12 months = $14,200 VS. $11k ransom Hmmm?


I'm sure what the hackers had access to was worth more than 11k, as well as the lost productivity with the network down.
Posted by gmrkr5
NC
Member since Jul 2009
14891 posts
Posted on 11/20/18 at 2:29 pm to
quote:

There is a whole lot of ignorance going on in this thread.
Posted by Bard
Definitely NOT an admin
Member since Oct 2008
51586 posts
Posted on 11/20/18 at 3:47 pm to
quote:

For home, I use Macrium Reflect. All my PCs get backed up to a NAS.


+1

I haven't used their pay version but the freebie does exactly what I need in making a quick clone of my hard drive.

It also has a scheduling feature that will automatically clear out old images after a specified amount of time.
Posted by CHiPs25
ATL
Member since Apr 2014
2897 posts
Posted on 11/20/18 at 7:47 pm to
quote:

Like you, we did not back up individual machines, which sucked when we had to bring everything back up, but we learned from our mistakes and now backup everything.


We will be doing something on the individual machines moving forward. We had to reset 8 machines today and lost some pretty important data that will be hard to recreate.

quote:

I even backup files from our CNC machine that I'll likely never need again, but you never know.


Our CNC files are stored on our domain server. There is nothing locally backed up so our DATTO box automatically backs the domain up every 15 min.

Posted by diat150
Louisiana
Member since Jun 2005
43537 posts
Posted on 11/20/18 at 9:46 pm to
quote:

know you were joking, but there are no guarantees that they will give you back everything once they have the $11k, and no guarantees that they won't target you again.




No guarantees, but if they don't give it back then as they do this more and more it turns into a situation where nobody will pay them.
Posted by Tiger Vision
Mandeville
Member since Jan 2005
3705 posts
Posted on 11/20/18 at 11:12 pm to
You need a spam/email filter that scans messages, attachments and sandboxes embedded URLs. Also run non-persistent VDI for dumbass employees' desktops. Use Microsoft known folders/OneDrive to store their personal data in the cloud. Run VMs for all your servers and snapshot the VMs and replicate your storage off-site. Since all of the desktops and servers are virtual in this scenario, run an AV/anti-malware tool at the hypervisor/host layer.
Posted by bigblake
Member since Jun 2011
2502 posts
Posted on 11/21/18 at 7:48 am to
(no message)
This post was edited on 3/7/19 at 2:03 pm
Posted by diat150
Louisiana
Member since Jun 2005
43537 posts
Posted on 11/21/18 at 11:43 am to
What are everyone's thoughts on CloudBerry as a backup solution and protection against ransomware?
Posted by td1
Baton Rouge
Member since Oct 2015
2835 posts
Posted on 11/21/18 at 12:24 pm to
1. Next Gen Firewall with Services (Malware, ATP, Virus, Web Filter etc.) We like Barracuda.
2. Spam Filter with comparable services. We like Barracuda
2. Backup solution with 30 min backups of files, and good dedup. We like Rapid Recovery.
3. Client and Server AV with email/internet protection. We like AVG (Avast now).
4. Segregation of server duties between several machines, i.e. separate AD server, file server, etc.
5. File server shares segregated by groups and write permissions only as needed.
6. Image for desktops.
7. Proper security on AD accounts.
8. User training.
9. Locking down desktops to only allow users to have enough access to do their job.
10. Keep everything patched.

We got hit one time years ago. Damage was restricted to the user's profile (redirected folders on the file server) and that department's file share. Infected machine was reimaged, the user's profile was restored on the server, and the department's file share was restored on the server. Total downtime 45 min total for the user, about 20 for that department as a whole.
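
An added example, not part of any post in this thread: a small Python audit that lists which shares an account can write to, tying together the point made earlier in the thread that anything writable is at risk and the share segregation described in the post above. All user, group and share names are constructed for illustration.

```python
"""Which shares could malware running as one user encrypt? (constructed data)"""

# Constructed sample directory data, not taken from the thread.
NESTED_IN = {"Accounting": {"Staff"}, "Engineering": {"Staff"}}  # group -> parent groups
USER_GROUPS = {"alice": {"Accounting"}, "bob": {"Engineering"}, "svc_backup": {"BackupOps"}}

# share -> principals (users or groups) holding write permission
SEGREGATED = {
    "//fs01/profiles/alice": {"alice"},
    "//fs01/profiles/bob": {"bob"},
    "//fs01/accounting": {"Accounting"},
    "//fs01/engineering": {"Engineering"},
    "//nas01/backups": {"BackupOps"},
}
# Flat layout for comparison: every share, backups included, writable by all staff.
FLAT = {share: {"Staff"} for share in SEGREGATED}
BACKUP_TARGETS = {"//nas01/backups"}


def effective_principals(user):
    """Return the user plus every group reached through nested membership."""
    seen, stack = {user}, list(USER_GROUPS.get(user, ()))
    while stack:
        group = stack.pop()
        if group not in seen:
            seen.add(group)
            stack.extend(NESTED_IN.get(group, ()))
    return seen


def blast_radius(user, share_writers):
    """Shares the account can write to, i.e. what ransomware running as it can encrypt."""
    who = effective_principals(user)
    return sorted(s for s, writers in share_writers.items() if writers & who)


def exposed_backups(user, share_writers):
    """Backup targets inside the blast radius; any hit means the backup is no safeguard."""
    return [s for s in blast_radius(user, share_writers) if s in BACKUP_TARGETS]


if __name__ == "__main__":
    for name, layout in (("segregated", SEGREGATED), ("flat", FLAT)):
        print(name, blast_radius("alice", layout), exposed_backups("alice", layout))
```

In a real environment the three dictionaries would be filled from an export of directory group membership and share permissions; an empty `exposed_backups` result for every interactive user account is the property to aim for.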