Backup File Server to DAS

scottalanmiller

@coliver said:

Not sure if that is backwards. Seems like they are making the decision that their data doesn't have the same value of the ransom.

And maybe it doesn't. It's not worth a Windows license, good backups, etc. Those things are cheaper than the ransom, normally. So not surprised if the data isn't worth much of anything.

Dashrender

@scottalanmiller said:

@Dashrender said:

@scottalanmiller said:

There is a world of difference between "what are the steps to avoid X" and "what is the best business decision for a real business."

All IT is about managing risk and deciding where on the spectrum we are going to fall.

That's true, but it seems odd to me still to list it, when it would almost never be on the recommend that a business do this list.

A large business sure would.

OK true - again we are an SMB site, not an enterprise one. In the case of an enterprise, the cost of Sophos vs restoring data is a no brainer.

scottalanmiller

@DustinB3403 said:

Rather than saying "We need to build a solution to prevent this from occurring, or doing everything in our power to get around the issue of being cryptolocked"

Thats something you never do in IT. You never do "everything in your power." Truly, never. That's what @Dashrender and I were discussing. You almost never bother with a UTM for this, but doing everything in your power, you would. You rarely see an SMB go to tape, yet that is how you best avoid this.

Everything in IT is about weight the options versus the risk and determining what makes the most sense for the given scenario.

IT-ADMIN

@DustinB3403 said:

@coliver But it is completely backwards.

To think, oh hey I'm being ransomed for my data. He doesn't specify a value. Just that the ransoming is occurring, the value could be $300US.

Which might be @IT-ADMIN said:

lol, it depend, there are some ransom who demand too much $

Rather than saying "We need to build a solution to prevent this from occurring, or doing everything in our power to get around the issue of being cryptolocked"

i was joking Dude, lol

IT-ADMIN

i already said a previous post that i have to setup a good backup plan

scottalanmiller

It's a real evaluation, actually. Lots of companies just pay the ransom. You take your chances. But it is part of the risk evaluation.

scottalanmiller

@IT-ADMIN said:

i already said a previous post that i have to setup a good backup plan

But not the kinds that you are considering thus far. They are all very susceptible. You need to consider just about much you will spend to protect yourself and how much protection it will provide.

Dashrender

@IT-ADMIN said:

i was joking Dude, lol

Probably not really a good place to be joking. and if you are, you need to make sure you include things so everyone knows you are. Otherwise you'll get what you saw here, everyone trying to educate you on why that's not the correct way to look at it.

IT-ADMIN

@Dashrender said:

@IT-ADMIN said:

i was joking Dude, lol

Probably not really a good place to be joking. and if you are, you need to make sure you include things so everyone knows you are. Otherwise you'll get what you saw here, everyone trying to educate you on why that's not the correct way to look at it.

ok, i apologize guys

IT-ADMIN

as far as i'm concerned people in ML are friendly and funny even if they are very IT professional

scottalanmiller

just add smiley faces or whatever

scottalanmiller

However, even if joking, many companies actually look at the risk and decide to just pay the ransom. Although there is no guarantee that they will give you back your data after you pay. But typically they do.

coliver

@DustinB3403 said:

@coliver But it is completely backwards.

To think, oh hey I'm being ransomed for my data. He doesn't specify a value. Just that the ransoming is occurring, the value could be $300US.

Which might be @IT-ADMIN said:

lol, it depend, there are some ransom who demand too much $

Rather than saying "We need to build a solution to prevent this from occurring, or doing everything in our power to get around the issue of being cryptolocked"

Right... no problems with what you are saying. But Isn't there a point for you where the ransom would outweigh the value of the data? It may not be till $100,000,000 but you would get to that point. What @IT-ADMIN is saying is correct some ransoms will demand too much.

coliver

@IT-ADMIN No need to apologize. Even if you were joking it brings up an interesting point. That there is a point where the value of the data doesn't match the value of the ransom. So it would be less expensive to never see that data again then simply pay the ransom, or build a system to protect yourself against it.

DustinB3403

@coliver the ransom maker is trying to make money.

There is no benefit to them to make a ransom that's obscene. Unless you value your data so little that you'd be just fine without it.

The entire point of the ransom where is to entice people to need their data (value it) to the point where the ransom is reasonable.

Jason

People would stop paying if they didn't give it up.

We have Sophos, UTMs, and our Palo Altos doing some blocking yet we've still had one case of it. It was the user being dumb. We didn't pay it though, her punishment was to redo her work she didn't save on the network like she should have.

We a public traded company so we had to do a share holder release just for that though.

scottalanmiller

@coliver said:

@DustinB3403 said:

@coliver But it is completely backwards.

To think, oh hey I'm being ransomed for my data. He doesn't specify a value. Just that the ransoming is occurring, the value could be $300US.

Which might be @IT-ADMIN said:

lol, it depend, there are some ransom who demand too much $

Rather than saying "We need to build a solution to prevent this from occurring, or doing everything in our power to get around the issue of being cryptolocked"

Right... no problems with what you are saying. But Isn't there a point for you where the ransom would outweigh the value of the data? It may not be till $100,000,000 but you would get to that point. What @IT-ADMIN is saying is correct some ransoms will demand too much.

In theory, but is that a known risk?

coliver

@DustinB3403 said:

@coliver the ransom maker is trying to make money.

There is no benefit to them to make a ransom that's obscene. Unless you value your data so little that you'd be just fine without it.

The entire point of the ransom where is to entice people to need their data (value it) to the point where the ransom is reasonable.

Agreed. But how is the ransomer (Chrome says that is a word) going to know where that cut off point is? For some companies it could be 100$ for others it could be significantly more. Just thought it was an interesting idea.

scottalanmiller

@coliver said:

@IT-ADMIN No need to apologize. Even if you were joking it brings up an interesting point. That there is a point where the value of the data doesn't match the value of the ransom. So it would be less expensive to never see that data again then simply pay the ransom, or build a system to protect yourself against it.

Exactly, at what point is the ransom cheaper than the protection?

IT-ADMIN

@coliver said:

@IT-ADMIN No need to apologize. Even if you were joking it brings up an interesting point. That there is a point where the value of the data doesn't match the value of the ransom. So it would be less expensive to never see that data again then simply pay the ransom, or build a system to protect yourself against it.

yeah, this is what i mean,
also @DustinB3403 make a good point, the ransom demand a reasonable price so that people can afford, because even the ransom will not benefit form the data itself, his concern is wining money