So exactly what is the answer to Ransomware ?
1) Cyber-insurance company position - pay it - here is the money in bitcolin.
2) Cyber-criminal - thank you - I think we will do this again..... Lovely
3) Now what would happen if paying Ransomware demands was made illegal? Would that work?
4) Is it enforceable?
@rsladeI agree, that is an obvious move, but also to have your incident Response playbooks up to date, PR media communications ready to go. Plus make sure your hygiene levels are good.
However, this will not stop the current practices extorted by the cyber criminals.
Why should we allow them to actually do this against society and organisations and carry on doing it?
So it should be a multi-prong effort.
1) Recovery -Backups
2) Prevention - Awareness training
3) Detection - Antivirus/Antimalware
4) Prevention - Secure design
Just doing one action alone won't be very effective.
We have a vendor in the US that is running a commercial claiming their product protects you from the ransomware virus. It irks me every time I hear it. I know they only have 30 seconds to try to sell their product so they are dumbing it down for the consumer but I feel it is counterproductive as it makes the customer think that ransomware is just a virus so it should be caught by the antivirus product and they can click away without worry of it infecting themselves.
I think it will eventually evolve into everything being clicked on going into a sandbox to be unpackaged and evaluated before being returned to the user.
It's been on my list to look into, but maybe you have the answer, I have heard that some ransomware can hit backups. I am guess these would be near line backups connect as a share. So any idea what types of backups ransomware can and cannot get too?
Speaking of which...
"No patient or employee data appears to have been accessed, copied or misused"
I'm going to guess at this point they have no idea. Can't wait to read the OCR corrective action plan on this.
It's kind of what I thought. It would be interesting is they malware gateway for backups. I mean it wouldn't be very hard to do, allow data to be pulled from behind it and don't allow any kind of push.. kind of like making backups read only if you will..
As for the old malware.. I so get it.. there was a time I have an old x286 that I wanted to use for all the viruses I collected just to see the payloads, you know when viruses where cool, like RedX, Vadar, and dropper.. sadly never seemed to have the time.. to busy rebuilding corrupt double space drives and getting the boot sectors back from.. umm was in the money virus? Can't remember the names...
Yes, I'm old.. I remember going to computer show in high school and getting the latest vscan on 3.5..
It was funny this one show was setup around the edges of a pool! and batch then the surcharge to use a CC.
ya 2600 wasn't just a magazine, it was the other name for captain crunch and the crystal I put in my tone dailer I used at Woodstock.. wait what who say that?!?! hahah