UK Amazon Kindle Forum discussion

General Chat - anything Goes > Warning - ransomware


Geoff (G. Robbins) (merda constat variat altitudo) (snibborg) | 9052 comments Sorry, if this is not directly book related, but I need to warn you about something that is on the rise - ransomware.

Bearing in mind how secure the organisation I work for is, we have managed to have two ransomware attacks in the last three days.

This is a form of attack that arrives either by email or by a compromised web site.

The effect of this attack is that your data becomes encrypted. You are then ransomed to get your own information back. That doesn't come cheap and even if you pay up there's no guarantee you will receive the key to unlock your data.

My recommendation is that you always keep your important stuff in two places. Buy an external USB drive if you have a lot of data or a pen drive if you only have a few gigabytes.

Do not leave the second drive plugged in. Plug it in, copy the data you want, then unplug it again.

When you receive emails with attachments, treat them with extreme caution. Ask yourself the question, would the person who appears to have sent the email, attach that kind of document? Would the person write in that style? If you are in any doubt, contact the person who sent it and check that they really did send it.

You cannot rely upon any kind of file to be safe. It is very easy to make a malicious file look like a Word document or a PDF.

The same with web sites. Do not trust them at face value. Study it, make sure it looks normal. If in doubt, leave. Better to delay what you were doing for a few days than lose everything and still have to go back.

Please people, be vigilant. There are lots of people out there waiting to rob you. Don't let them.

message 2: by Philip (sarah) (new)

Philip (sarah) Willis | 5174 comments Thanks Geoff, forewarned is forearmed, I'll certainly heed your advice. Scary times we live in.

message 3: by Anita (new)

Anita | 3758 comments Thank you Geoff, I will take extra notice before I look at anything. Not a nice thought that you can be got at so easily.

message 4: by Jim (new)

Jim | 21872 comments Thanks Geoff

message 5: by Rosen (new)

Rosen Trevithick (rosentrevithick) | 2273 comments Thank you.

G J (Gaff to my friends) Reilly | 1901 comments Cheers Geoff,

Geoff (G. Robbins) (merda constat variat altitudo) (snibborg) | 9052 comments One thing that needs to be added to my previous post is that you should not rely upon your anti-virus software to catch this. With the latest versions and top notch protection, this problem is still getting into our systems. The AV also does not clean it off.

Anti-malware products are better (which is what this attack is) but by no means a solution and are useless when the attack has deployed.

Vigilance is the only defence.

message 8: by B J (last edited Apr 28, 2015 02:00AM) (new)

B J Burton (bjburton) | 2914 comments Thanks, Geoff - a useful reminder. At what stage were the two ransomware attacks detected and what did you do about them?

Geoff (G. Robbins) (merda constat variat altitudo) (snibborg) | 9052 comments We have a clear policy, as it's a corporate environment. Wipe and rebuild the PC that was infected and restore the data from a known good backup. Some data was lost, but only a day.

The problem is that the data is encrypted to 1024 bit level, that would take decryption software several hundred years to decrypt with current technology.

The other problem is that it encrypts any drive letters that it finds, including network drives. So if you have a NAS box, that is also in danger. If you know that you have this infection, do not plug anything into the machine.

The best and safest option is to rebuild the PC from scratch. We are still investigating ways of removing the infection from infected PCs in the lab, but without success.

Luckily, the data that is encrypted does not itself deploy a payload of any kind, so cross-infection is unlikely. There also does not seem to be great danger in cross infection between machines on a network, although it should be assumed that further variants of this virus may well do this. Also, removing a USB drive that has been encrypted and placing it in an uninfected machine does not spread the contagion.

message 10: by Michael Cargill (new)

Michael Cargill Cargill (michaelcargill) | 2998 comments I've read several stories and anecdotes about people actually paying to get their data back, as it is so important to them... yet they make no attempt to stop it happening again.

It's amusing and baffling.

message 11: by B J (new)

B J Burton (bjburton) | 2914 comments Thanks, Geoff. It sounds as if we need to step up the frequency of our back-ups and ensure that we have no internet activity on a machine while it is backing-up to our Buffalo.

message 12: by Kath (new)

Kath Middleton | 25061 comments I'm sure backing up to a buffalo doesn't mean what I think it does. What a book title!

message 13: by Will (new)

Will Once (willonce) | 4053 comments Thanks, Geoff. Good advice.

My wife and I are paranoid about backups. So we have multiple backups of anything of value - on-site backups (USB sticks, external hard drives), internet backups (paid for service via Norton) and cloud backups.

If I am working on a book or a consultancy project, I will regularly email the text as an attachment between one email account and another.

The trick seems to be to have multiple levels of protection because we face multiple threats. We shouldn't rely on on-site backups because of threats of fire, theft etc to that site. Equally, we shouldn't rely solely on the internet because that can fail too.

Geoff (G. Robbins) (merda constat variat altitudo) (snibborg) | 9052 comments As a great deal of my work with companies involves disaster recovery, I tend to get more paranoid as time goes by.

It puzzles me that such a large number of companies use Amazon Cloud for their backbone. This is a company with a huge turnover, but has never made a profit and thus never given a dividend to shareholders. What happens if the shareholders lose patience and cash in? Those of us that remember the end of the dot com bubble still come out in a cold sweat when comparing that to the current state of play in the IT industry.

Glad to see that you have a healthy sense of paranoia too, Will. All our data is backed up to external hard drives and our server is backed up to tape which is then stored in a fireproof safe and/or stored offsite on a daily basis.

My concern about copying data to an external hard drive is that the copy process does not perform a checksum, so you could be copying corrupt data. Tape does do the checksum. Told you I was paranoid.
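Added example, not part of the post above: one way to get the checksum that a plain copy to an external drive lacks is to hash each file, re-read the copy, and keep the hashes as a manifest that can be checked again later. The function names and the sample files are hypothetical and constructed for illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def backup_with_manifest(src, dst):
    """Copy every file under src to dst, re-read each copy and compare hashes.
    Returns {relative path: sha256}; raises if a copy does not match its source."""
    src, dst = Path(src), Path(dst)
    manifest = {}
    for f in sorted(p for p in src.rglob("*") if p.is_file()):
        rel = f.relative_to(src)
        target = dst / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(f, target)
        digest = sha256_of(f)
        if sha256_of(target) != digest:
            raise IOError(f"copy of {rel} does not match the source")
        manifest[rel.as_posix()] = digest
    return manifest

def verify_backup(dst, manifest):
    """Return the files on the backup that are missing or whose content changed."""
    dst = Path(dst)
    return sorted(rel for rel, digest in manifest.items()
                  if not (dst / rel).is_file() or sha256_of(dst / rel) != digest)

def demo():
    """Constructed sample data: two small files, one later overwritten on the backup."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "documents"), Path(tmp, "usb_drive")
        (src / "book").mkdir(parents=True)
        (src / "book" / "chapter1.txt").write_text("It was a dark and stormy night.")
        (src / "photos.txt").write_text("holiday 2014")
        manifest = backup_with_manifest(src, dst)
        clean = verify_backup(dst, manifest)
        (dst / "photos.txt").write_bytes(b"\x8f\x02 unreadable bytes")
        return clean, verify_backup(dst, manifest)

if __name__ == "__main__":
    print(demo())
```

The re-read immediately after copying may be served from the operating system's cache rather than the drive, so running `verify_backup` again after unplugging and reconnecting the drive is the check that reads the media itself. Keeping the manifest somewhere other than the backup drive lets it also show whether the backup's files have since been altered.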

message 15: by Anita (new)

Anita | 3758 comments Now you are scaring me Geoff! Do I have to do anything? I got my photos backed up on 2 external hard drives and the rest of the stuff is in this cloud thingy, is that enough?

message 16: by Anita (new)

Anita | 3758 comments Kath wrote: "I'm sure backing up to a buffalo doesn't mean what I think it does. What a book title!"

Hehehe Kath, I would say I wonder what it's about but I don't think I would like the answer!

message 17: by Michael Cargill (new)

Michael Cargill Cargill (michaelcargill) | 2998 comments Anita, the answer to that question ultimately depends on how much you value your data.

Relatively speaking, losing photos would be an annoyance, whereas losing files that are important to your job and livelihood could be devastating.

Hard drives can fail without warning, and a power surge or a virus could take them out all in one go. The stuff in the cloud would be protected from that, but that's not to say whoever is hosting it can't go out of business, get shut down by the FBI, hacked by the Chinese, etc.

message 18: by Tim (new)

Tim | 9478 comments In 1988 I lost around 200 slide photos that I'd taken as a teenager in the Mediterranean. I was moving house, and somehow they never arrived at the new place. I'm still pissed off about it nearly 30 years later...

Just saying. Losing stuff sucks big time, whether it's in a box or on a hard drive.

Geoff (G. Robbins) (merda constat variat altitudo) (snibborg) | 9052 comments Sorry Anita, I never meant to scare you. Making you more aware of what you are doing with the things you value is important.

The thing you have to remember is that nothing lasts forever, therefore if it's in multiple places then you are less likely to lose them.

I would like to say that solid state drives are more reliable than hard disks, but going from my own experience that doesn't appear to be the case. I've lost two in the last 6-8 months and we only have three!
