Backup File Server to DAS
-
@IT-ADMIN said:
i think those ransomware engineers attack US businesses, because they know that the core economy reside in USA, they will not spend their time to attack worthless data of business in countries like qatar, lol
That you have said this makes you the absolute most likely candidate for this to happen to. This is the least secure thinking I could imagine.
Why do you feel that ransomware "targets" anyone? It does not. It hits everyone. EVERYONE. There is no concept of "don't take HIS money, he doesn't have a lot." That's crazy. They aren't going to waste their own time and effort avoiding you, if you can afford the ransom they will just shut you down and use you as an example to others. They have no way to know, nor would they care, that you are in Qatar.
Take a moment to empathize with ransomware writers, their goals, their effort, how this works. Clearly being in Qatar provides you absolutely zero protection from this. If anything it makes it far more likely because you do business with similar insecure companies.
-
now i see, and how people get affected by this damn ransomware, ??
spam emails or maybe an affected USB ???
so that we can take our precaution -
@IT-ADMIN said:
now i see, and how people get affected by this damn ransomware, ??
spam emails or maybe an affected USB ???
so that we can take our precautionAll of the above are sources of Ransomware.
-
very scaaaary, i hope never waking up in the morning with a screen like this, damn
-
@IT-ADMIN said:
now i see, and how people get affected by this damn ransomware, ??
spam emails or maybe an affected USB ???Anything could do it.
-
@IT-ADMIN said:
now i see, and how people get affected by this damn ransomware, ??
spam emails or maybe an affected USB ???
so that we can take our precautionPretty much all of those. All it takes is one person to pick up a strange USB device and plug it in at their office computer... or to click one bad link in an email... or even one malicious ad on a legit website (https://blog.malwarebytes.org/malvertising-2/2015/08/angler-exploit-kit-strikes-on-msn-com-via-malvertising-campaign/)
-
@scottalanmiller said:
Why do you feel that ransomware "targets" anyone? It does not. It hits everyone. EVERYONE. There is no concept of "don't take HIS money, he doesn't have a lot."
This is the problem. For some reason, people (in general) think that there is someone at a keyboard running these virii. They clearly don't understand that they are completely automated and are happy to steal $0.01 vs 1 billion dollars. And by happy I mean, no feelings at all.
-
@IT-ADMIN said:
so that we can take our precaution
- Never use software from third parties like download sites.
- Never use cracked software
- Keep your systems fully up to date and patched
- Run the latest software, not old versions
- Follow the principle of least necessary privilege
- Never let users be administrators
- Use a good AntiVirus like WebRoot and keep it updated
- Use a good firewall with Layer 7 filtering, like Palo Alto
- Restrict what users can do on the network, like going to random websites or inserting USB sticks
- Move from file servers to decoupled storage like many cloud products have
- Use decoupled backups
- Use backup media that is offline (like tape)
-
@Dashrender said:
@scottalanmiller said:
Why do you feel that ransomware "targets" anyone? It does not. It hits everyone. EVERYONE. There is no concept of "don't take HIS money, he doesn't have a lot."
This is the problem. For some reason, people (in general) think that there is someone at a keyboard running these virii. They clearly don't understand that they are completely automated and are happy to steal $0.01 vs 1 billion dollars. And by happy I mean, no feelings at all.
And also happy if you cannot pay and will just post online about how you lost everything and went out of business because that makes them money too from other companies that now know that they will have to pay.
-
i realize that i was very ignorant about the risks we have as network admins, i should setup a good backup plan as soon as possible, wow we are like in a forest, the strong eat the weak
-
@scottalanmiller said:
- Use a good firewall with Layer 7 filtering, like Palo Alto
How many of use actually do this though?
-
@Dashrender said:
@scottalanmiller said:
- Use a good firewall with Layer 7 filtering, like Palo Alto
How many of use actually do this though?
More than you'd think. Sophos is pretty popular in the SMB.
-
@IT-ADMIN said:
i realize that i was very ignorant about the risks we have as network admins, i should setup a good backup plan as soon as possible, wow we are like in a forest, the strong eat the weak
Yes, among the most important aspects of IT are security, risk management, disaster planning, etc. These are our core skills. The other stuff that we do is pretty trivial.
-
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
- Use a good firewall with Layer 7 filtering, like Palo Alto
How many of use actually do this though?
More than you'd think. Sophos is pretty popular in the SMB.
Sure, but the normal advice lately around these parts has been to use an ERL - doesn't that kinda fly in the face of the above listed advice?
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
- Use a good firewall with Layer 7 filtering, like Palo Alto
How many of use actually do this though?
More than you'd think. Sophos is pretty popular in the SMB.
Sure, but the normal advice lately around these parts has been to use an ERL - doesn't that kinda fly in the face of the above listed advice?
Cheaper to pay the ransom than it is to pay for a Sophos over a ERL!
-
There is a world of difference between "what are the steps to avoid X" and "what is the best business decision for a real business."
All IT is about managing risk and deciding where on the spectrum we are going to fall.
-
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
- Use a good firewall with Layer 7 filtering, like Palo Alto
How many of use actually do this though?
More than you'd think. Sophos is pretty popular in the SMB.
Sure, but the normal advice lately around these parts has been to use an ERL - doesn't that kinda fly in the face of the above listed advice?
Cheaper to pay the ransom than it is to pay for a Sophos over a ERL!
lol, it depend, there are some ransom who demand too much $
-
@IT-ADMIN said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
- Use a good firewall with Layer 7 filtering, like Palo Alto
How many of use actually do this though?
More than you'd think. Sophos is pretty popular in the SMB.
Sure, but the normal advice lately around these parts has been to use an ERL - doesn't that kinda fly in the face of the above listed advice?
Cheaper to pay the ransom than it is to pay for a Sophos over a ERL!
lol, it depend, there are some ransom who demand too much $
There are? and what is to much?
If you're being targeted by ransomware that is outside the of the normal $500-$1500 ransom, then it's likely that a Sophos won't save you anyway.
-
@IT-ADMIN said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
- Use a good firewall with Layer 7 filtering, like Palo Alto
How many of use actually do this though?
More than you'd think. Sophos is pretty popular in the SMB.
Sure, but the normal advice lately around these parts has been to use an ERL - doesn't that kinda fly in the face of the above listed advice?
Cheaper to pay the ransom than it is to pay for a Sophos over a ERL!
lol, it depend, there are some ransom who demand too much $
In which case you consider your data not worth the money.
So you forfeit your data.
Good job.. way to look at security ass backwards.
-
@scottalanmiller said:
There is a world of difference between "what are the steps to avoid X" and "what is the best business decision for a real business."
All IT is about managing risk and deciding where on the spectrum we are going to fall.
That's true, but it seems odd to me still to list it, when it would almost never be on the recommend that a business do this list.