ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Analysis of Locky ransomware

    Scheduled Pinned Locked Moved IT Discussion
    178 Posts 19 Posters 59.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • BRRABillB
      BRRABill @Dashrender
      last edited by

      @Dashrender said:

      You never hear Scott telling people they need to backup their O365 accounts - why? Because backups are part of the service.

      Are they? In what fashion?

      DashrenderD 1 Reply Last reply Reply Quote 0
      • DashrenderD
        Dashrender @BRRABill
        last edited by

        @BRRABill said:

        @Dashrender said:

        You never hear Scott telling people they need to backup their O365 accounts - why? Because backups are part of the service.

        Are they? In what fashion?

        Not sure what you mean? But that asked - I have no idea - If I was to guess, I'd say tape.

        BRRABillB 1 Reply Last reply Reply Quote 0
        • BRRABillB
          BRRABill @Dashrender
          last edited by

          @Dashrender said:

          Not sure what you mean? But that asked - I have no idea - If I was to guess, I'd say tape.

          No i mean, say I store all kinds of files there. Not just Microsoft stuff.

          And get hit with Crypto-something. I can retrieve all that stuff?

          I thought the Microsoft stuff (OneDrive and ODfB) only did backups in the form of versioning.

          But I do not 100% know, which is why I will sit back and await ML to inform me.

          DashrenderD 1 Reply Last reply Reply Quote 0
          • DashrenderD
            Dashrender @BRRABill
            last edited by

            @BRRABill said:

            @Dashrender said:

            Not sure what you mean? But that asked - I have no idea - If I was to guess, I'd say tape.

            No i mean, say I store all kinds of files there. Not just Microsoft stuff.

            And get hit with Crypto-something. I can retrieve all that stuff?

            I thought the Microsoft stuff (OneDrive and ODfB) only did backups in the form of versioning.

            But I do not 100% know, which is why I will sit back and await ML to inform me.

            Well OneDrive isn't part of this conversation - only ODfB. I would guess you could reach out and have your whole ODfB box restored if it was broken by something like a sync'ed cryptolocker.

            1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller
              last edited by

              If you run your own ODfB server, you would be taking full backups of it like anything else, one would expect. And backups of the SQL Server that is powering it.

              1 Reply Last reply Reply Quote 0
              • BRRABillB
                BRRABill
                last edited by

                As usual, I asking for the smaller case.

                The Uncle using a single PC.

                How does that poor fellow protect himself from Crypto-viruses?

                coliverC scottalanmillerS 3 Replies Last reply Reply Quote 0
                • coliverC
                  coliver @BRRABill
                  last edited by

                  @BRRABill said:

                  As usual, I asking for the smaller case.

                  The Uncle using a single PC.

                  How does that poor fellow protect himself from Crypto-viruses?

                  Get them a chromebook.

                  scottalanmillerS 1 Reply Last reply Reply Quote 1
                  • scottalanmillerS
                    scottalanmiller @coliver
                    last edited by

                    @coliver said:

                    @BRRABill said:

                    As usual, I asking for the smaller case.

                    The Uncle using a single PC.

                    How does that poor fellow protect himself from Crypto-viruses?

                    Get them a chromebook.

                    Can't be overstated.

                    1 Reply Last reply Reply Quote 1
                    • scottalanmillerS
                      scottalanmiller @BRRABill
                      last edited by

                      @BRRABill said:

                      As usual, I asking for the smaller case.

                      The Uncle using a single PC.

                      How does that poor fellow protect himself from Crypto-viruses?

                      Chromebooks are best. 80% of the time at least, I think.

                      For everyone else... there are backups. Real backups, not images, no short cuts. BackBlaze is good. Lots of options.

                      BRRABillB 1 Reply Last reply Reply Quote 0
                      • coliverC
                        coliver @BRRABill
                        last edited by

                        @BRRABill said:

                        As usual, I asking for the smaller case.

                        The Uncle using a single PC.

                        How does that poor fellow protect himself from Crypto-viruses?

                        I have my parents setup with Backblaze. They have 800GB-1TB of pictures on their computer, it took several weeks to back them all up.

                        1 Reply Last reply Reply Quote 1
                        • BRRABillB
                          BRRABill @scottalanmiller
                          last edited by

                          @scottalanmiller said:

                          For everyone else... there are backups. Real backups, not images, no short cuts. BackBlaze is good. Lots of options.

                          Wouldn't the encrypted files just be backed up to BackBlaze?

                          coliverC 1 Reply Last reply Reply Quote 0
                          • coliverC
                            coliver @BRRABill
                            last edited by

                            @BRRABill said:

                            @scottalanmiller said:

                            For everyone else... there are backups. Real backups, not images, no short cuts. BackBlaze is good. Lots of options.

                            Wouldn't the encrypted files just be backed up to BackBlaze?

                            Backblaze keeps a ton of versions of files. I don't remember how many but it is a lot. Backblaze also isn't a sync client. It is a true backup client.

                            BRRABillB 1 Reply Last reply Reply Quote 1
                            • BRRABillB
                              BRRABill @coliver
                              last edited by

                              @coliver said:

                              Backblaze keeps a ton of versions of files. I don't remember how many but it is a lot. Backblaze also isn't a sync client. It is a true backup client.

                              I'm just imagining the process of restoring 150GB of data as individual files. Ugh.

                              NicN 1 Reply Last reply Reply Quote 0
                              • Deleted74295D
                                Deleted74295 Banned
                                last edited by

                                Remember, in the BackBlaze client, it throttles the upload speed by default. So dive into the settings and you can set it to upload more.

                                I backed up 50GB in a couple of hours from the UK.

                                coliverC 1 Reply Last reply Reply Quote 0
                                • coliverC
                                  coliver @Deleted74295
                                  last edited by

                                  @Breffni-Potter said:

                                  Remember, in the BackBlaze client, it throttles the upload speed by default. So dive into the settings and you can set it to upload more.

                                  I backed up 50GB in a couple of hours from the UK.

                                  Yep... my parents are on a crappy DSL connection.

                                  1 Reply Last reply Reply Quote 0
                                  • NicN
                                    Nic @BRRABill
                                    last edited by

                                    @BRRABill said:

                                    @coliver said:

                                    Backblaze keeps a ton of versions of files. I don't remember how many but it is a lot. Backblaze also isn't a sync client. It is a true backup client.

                                    I'm just imagining the process of restoring 150GB of data as individual files. Ugh.

                                    They'll overnight you a flash drive with your data on it for a fee, if you can't wait for the download.
                                    https://www.backblaze.com/blog/4-tb-usb-restore-drives-are-here-yay/

                                    BRRABillB 1 Reply Last reply Reply Quote 1
                                    • BRRABillB
                                      BRRABill @Nic
                                      last edited by

                                      @Nic said:

                                      They'll overnight you a flash drive with your data on it for a fee, if you can't wait for the download.
                                      https://www.backblaze.com/blog/4-tb-usb-restore-drives-are-here-yay/

                                      $189 isn't actually a bad deal AND you get to keep the drive.

                                      I wonder how that works, though. I mean, you obviously don't want the actual backup, as the encrypted files have probably been uploaded. So can you get the previous version of every file?

                                      You know what I mean? That seems messy.

                                      coliverC 1 Reply Last reply Reply Quote 0
                                      • coliverC
                                        coliver @BRRABill
                                        last edited by

                                        @BRRABill said:

                                        @Nic said:

                                        They'll overnight you a flash drive with your data on it for a fee, if you can't wait for the download.
                                        https://www.backblaze.com/blog/4-tb-usb-restore-drives-are-here-yay/

                                        $189 isn't actually a bad deal AND you get to keep the drive.

                                        I wonder how that works, though. I mean, you obviously don't want the actual backup, as the encrypted files have probably been uploaded. So can you get the previous version of every file?

                                        You know what I mean? That seems messy.

                                        How is it messy? I need the backups from 11/1/2015. They send you a drive with those backups on there. You plug it in and restore. Not sure where the issue is?

                                        1 Reply Last reply Reply Quote 1
                                        • NicN
                                          Nic
                                          last edited by

                                          Well you can go into the console and look at and download individual files. I imagine if you needed a restore from only before the infection date then they'd be able to do that. Let me ping @aaron for more details, since he works for them.

                                          BRRABillB 1 Reply Last reply Reply Quote 0
                                          • BRRABillB
                                            BRRABill @Nic
                                            last edited by

                                            @Nic said:

                                            Well you can go into the console and look at and download individual files. I imagine if you needed a restore from only before the infection date then they'd be able to do that. Let me ping @aaron for more details, since he works for them.

                                            Haha ... I was doing the same thing. He might not get the ping though since it's later in the day. I sent him a PM.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 7
                                            • 8
                                            • 9
                                            • 5 / 9
                                            • First post
                                              Last post