ransomware
Wed Jun 28 02:05:46 EDT 2017
When I hear companies admit that they've lost access to files from this latest ransomware attack, all I can do is ask "WHY"? Why are they still using long-outdated versions of Windows that are vulnerable to these recent attacks? After the previous, recent attack (Wanna-Cry), no one can say that (s)he wasn't aware of the risk. Did they make backups after the last attack? Everyone needs backups; they are the means of recovery from more than malware.
Wednesday 03:22
They keep going on about the new ransomware attack, but the first coverage I heard (on Radio Canada's "As It Happens") reported that the payment email address has been disabled by its ISP, so no one is able to pay the ransom now. Yet I keep hearing (from the BBC yappers) that this attack leaves victims stuck until they pay. If AIH is correct, the victims are stuck, period.
And apparently if there's a file on your computer with a particular name, this attack will spare you. But one of the interviewees said it makes more sense to address your basic vulnerability (the outdated, unpatched OS), rather than chasing the magic talisman for each attack; the fix du jour is going to be different for every attack - if you can find it before you're a victim too - and these attacks are not going to stop. The vulnerable systems are low-hanging fruit. Run a current OS; keep current with security patches; make backups; don't open unexpected attachments.
You might even want consider switching from Windows to Linux, especially if you're only doing web surfing and email. Linux isn't immune, but it isn't the big target, either. Hackers attack Windows because it has a much bigger payback: there's far more computers running Windows, and a lot of them are vulnerable.
[This entry was originally posted as https://syntonic-comma.dreamwidth.org/899048.html on Dreamwidth (where there are
comments).]
When I hear companies admit that they've lost access to files from this latest ransomware attack, all I can do is ask "WHY"? Why are they still using long-outdated versions of Windows that are vulnerable to these recent attacks? After the previous, recent attack (Wanna-Cry), no one can say that (s)he wasn't aware of the risk. Did they make backups after the last attack? Everyone needs backups; they are the means of recovery from more than malware.
Wednesday 03:22
They keep going on about the new ransomware attack, but the first coverage I heard (on Radio Canada's "As It Happens") reported that the payment email address has been disabled by its ISP, so no one is able to pay the ransom now. Yet I keep hearing (from the BBC yappers) that this attack leaves victims stuck until they pay. If AIH is correct, the victims are stuck, period.
And apparently if there's a file on your computer with a particular name, this attack will spare you. But one of the interviewees said it makes more sense to address your basic vulnerability (the outdated, unpatched OS), rather than chasing the magic talisman for each attack; the fix du jour is going to be different for every attack - if you can find it before you're a victim too - and these attacks are not going to stop. The vulnerable systems are low-hanging fruit. Run a current OS; keep current with security patches; make backups; don't open unexpected attachments.
You might even want consider switching from Windows to Linux, especially if you're only doing web surfing and email. Linux isn't immune, but it isn't the big target, either. Hackers attack Windows because it has a much bigger payback: there's far more computers running Windows, and a lot of them are vulnerable.
[This entry was originally posted as https://syntonic-comma.dreamwidth.org/899048.html on Dreamwidth (where there are
comments).]