ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Backup File Server to DAS

    Scheduled Pinned Locked Moved IT Discussion
    dasstoragebackupfile server
    497 Posts 13 Posters 411.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @coliver
      last edited by

      @coliver said:

      @DustinB3403 said:

      @coliver But it is completely backwards.

      To think, oh hey I'm being ransomed for my data. He doesn't specify a value. Just that the ransoming is occurring, the value could be $300US.

      Which might be @IT-ADMIN said:

      lol, it depend, there are some ransom who demand too much $

      Rather than saying "We need to build a solution to prevent this from occurring, or doing everything in our power to get around the issue of being cryptolocked"

      Right... no problems with what you are saying. But Isn't there a point for you where the ransom would outweigh the value of the data? It may not be till $100,000,000 but you would get to that point. What @IT-ADMIN is saying is correct some ransoms will demand too much.

      In theory, but is that a known risk?

      1 Reply Last reply Reply Quote 0
      • coliverC
        coliver @DustinB3403
        last edited by

        @DustinB3403 said:

        @coliver the ransom maker is trying to make money.

        There is no benefit to them to make a ransom that's obscene. Unless you value your data so little that you'd be just fine without it.

        The entire point of the ransom where is to entice people to need their data (value it) to the point where the ransom is reasonable.

        Agreed. But how is the ransomer (Chrome says that is a word) going to know where that cut off point is? For some companies it could be 100$ for others it could be significantly more. Just thought it was an interesting idea.

        scottalanmillerS 1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @coliver
          last edited by

          @coliver said:

          @IT-ADMIN No need to apologize. Even if you were joking it brings up an interesting point. That there is a point where the value of the data doesn't match the value of the ransom. So it would be less expensive to never see that data again then simply pay the ransom, or build a system to protect yourself against it.

          Exactly, at what point is the ransom cheaper than the protection?

          1 Reply Last reply Reply Quote 0
          • IT-ADMINI
            IT-ADMIN @coliver
            last edited by

            @coliver said:

            @IT-ADMIN No need to apologize. Even if you were joking it brings up an interesting point. That there is a point where the value of the data doesn't match the value of the ransom. So it would be less expensive to never see that data again then simply pay the ransom, or build a system to protect yourself against it.

            yeah, this is what i mean,
            also @DustinB3403 make a good point, the ransom demand a reasonable price so that people can afford, because even the ransom will not benefit form the data itself, his concern is wining money

            J 1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @coliver
              last edited by

              @coliver said:

              @DustinB3403 said:

              @coliver the ransom maker is trying to make money.

              There is no benefit to them to make a ransom that's obscene. Unless you value your data so little that you'd be just fine without it.

              The entire point of the ransom where is to entice people to need their data (value it) to the point where the ransom is reasonable.

              Agreed. But how is the ransomer (Chrome says that is a word) going to know where that cut off point is? For some companies it could be 100$ for others it could be significantly more. Just thought it was an interesting idea.

              They guess, normally at a pretty small number so that essentially everyone pays.

              coliverC 1 Reply Last reply Reply Quote 0
              • coliverC
                coliver
                last edited by

                @IT-ADMIN 's company has shown that their data is next to valueless. They don't care about investing in a proper backup solution (no offence @IT-ADMIN) or even the licensing to ensure their servers won't die if they are restored from a backup solution. So if they do get ransomware on those machines they may determine that since they did nothing to prevent it (or prevent more likely issues like hardware failure) then it isn't worth the ransom.

                1 Reply Last reply Reply Quote 1
                • coliverC
                  coliver @scottalanmiller
                  last edited by

                  @scottalanmiller said:

                  @coliver said:

                  @DustinB3403 said:

                  @coliver the ransom maker is trying to make money.

                  There is no benefit to them to make a ransom that's obscene. Unless you value your data so little that you'd be just fine without it.

                  The entire point of the ransom where is to entice people to need their data (value it) to the point where the ransom is reasonable.

                  Agreed. But how is the ransomer (Chrome says that is a word) going to know where that cut off point is? For some companies it could be 100$ for others it could be significantly more. Just thought it was an interesting idea.

                  They guess, normally at a pretty small number so that essentially everyone pays.

                  Right, I understand that. Just trying to go through an idea.

                  1 Reply Last reply Reply Quote 0
                  • J
                    Jason Banned @IT-ADMIN
                    last edited by

                    @IT-ADMIN said:

                    because even the ransom will not benefit form the data itself, his concern is wining money

                    Not necessarily true.

                    IT-ADMINI DustinB3403D 2 Replies Last reply Reply Quote 0
                    • IT-ADMINI
                      IT-ADMIN @Jason
                      last edited by

                      @Jason said:

                      @IT-ADMIN said:

                      because even the ransom will not benefit form the data itself, his concern is wining money

                      Not necessarily true.

                      at least in our case, may other companies have data that can be sold maybe ?

                      J scottalanmillerS 2 Replies Last reply Reply Quote 0
                      • J
                        Jason Banned @IT-ADMIN
                        last edited by

                        @IT-ADMIN said:

                        at least in our case, may other companies have data that can be sold maybe ?

                        Well, yeah. Many companies get hourly attempted attacks just for such a thing.

                        1 Reply Last reply Reply Quote 0
                        • DustinB3403D
                          DustinB3403 @Jason
                          last edited by

                          @Jason said:

                          @IT-ADMIN said:

                          because even the ransom will not benefit form the data itself, his concern is wining money

                          Not necessarily true.

                          Jason the ransom demand maker generally isn't trying to sell trade secrets, they might get lucky and encrypt someone with this kind of information.

                          But they aren't copying the data. They're simply encrypting it locally, and passing the decryption key to their server(s).

                          So it is true... the ransomers' are not profiting from the data, only from the ransom.

                          J scottalanmillerS 2 Replies Last reply Reply Quote 0
                          • J
                            Jason Banned @DustinB3403
                            last edited by Jason

                            @DustinB3403 said:

                            Jason the ransom demand maker generally isn't trying to sell trade secrets, they might get lucky and encrypt someone with this kind of information.

                            But they aren't copying the data. They're simply encrypting it locally, and passing the decryption key to their server(s).

                            So it is true... the ransomers' are not profiting from the data, only from the ransom.

                            That's not true in every case.. some have been found to upload the data.

                            1 Reply Last reply Reply Quote 0
                            • DustinB3403D
                              DustinB3403
                              last edited by

                              I've yet to see a Cryptoware variant that exports data off of a victims system.

                              Please name 1.

                              This malware needs to act quickly. It doesn't have time to dick around and upload potentially TB or more of data to encrypt it.

                              Just stop trolling, because you clearly are.

                              J scottalanmillerS 2 Replies Last reply Reply Quote -1
                              • scottalanmillerS
                                scottalanmiller @IT-ADMIN
                                last edited by

                                @IT-ADMIN said:

                                @Jason said:

                                @IT-ADMIN said:

                                because even the ransom will not benefit form the data itself, his concern is wining money

                                Not necessarily true.

                                at least in our case, may other companies have data that can be sold maybe ?

                                No financial data? Nothing private that the company would not want divulged? No customer data?

                                1 Reply Last reply Reply Quote 1
                                • IT-ADMINI
                                  IT-ADMIN
                                  last edited by

                                  OK, can a restore point decrypte the ransomed data ??

                                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                                  • scottalanmillerS
                                    scottalanmiller @DustinB3403
                                    last edited by

                                    @DustinB3403 said:

                                    @Jason said:

                                    @IT-ADMIN said:

                                    because even the ransom will not benefit form the data itself, his concern is wining money

                                    Not necessarily true.

                                    Jason the ransom demand maker generally isn't trying to sell trade secrets, they might get lucky and encrypt someone with this kind of information.

                                    But they aren't copying the data. They're simply encrypting it locally, and passing the decryption key to their server(s).

                                    So it is true... the ransomers' are not profiting from the data, only from the ransom.

                                    That is generally true but not universally.

                                    1 Reply Last reply Reply Quote 0
                                    • J
                                      Jason Banned @DustinB3403
                                      last edited by

                                      @DustinB3403 said:

                                      I've yet to see a Cryptoware variant that exports data off of a victims system.

                                      Please name 1.

                                      This malware needs to act quickly. It doesn't have time to dick around and upload potentially TB or more of data to encrypt it.

                                      Just stop trolling, because you clearly are.

                                      Yes, I'm trolling when we have a IT forenstics team that looks into our attempted attacks. We know what goes on with these, we've looked into it heavily.

                                      1 Reply Last reply Reply Quote 0
                                      • scottalanmillerS
                                        scottalanmiller @IT-ADMIN
                                        last edited by

                                        @IT-ADMIN said:

                                        OK, can a restore point decrypte the ransomed data ??

                                        Not decrypt! Nothing can decrypt except the key that you get when you pay the ransom.

                                        If you roll back to BEFORE the data was encrypted AND the restore point itself was not encrypted then you are okay.

                                        IT-ADMINI 1 Reply Last reply Reply Quote 0
                                        • scottalanmillerS
                                          scottalanmiller @DustinB3403
                                          last edited by

                                          @DustinB3403 said:

                                          This malware needs to act quickly. It doesn't have time to dick around and upload potentially TB or more of data to encrypt it.

                                          Thats not true. It needs to encrypt quickly. Once encrypted it has free time to upload all that it can.

                                          1 Reply Last reply Reply Quote 0
                                          • IT-ADMINI
                                            IT-ADMIN @scottalanmiller
                                            last edited by

                                            @scottalanmiller said:

                                            @IT-ADMIN said:

                                            OK, can a restore point decrypte the ransomed data ??

                                            Not decrypt! Nothing can decrypt except the key that you get when you pay the ransom.

                                            If you roll back to BEFORE the data was encrypted AND the restore point itself was not encrypted then you are okay.

                                            for this reason it is very recommended to store your system images in another physical storage not on the same machine

                                            J scottalanmillerS 2 Replies Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 18
                                            • 19
                                            • 20
                                            • 21
                                            • 22
                                            • 23
                                            • 24
                                            • 25
                                            • 20 / 25
                                            • First post
                                              Last post