Should add to headline... "with bitcoin"
And that is 90% of the actual demand for bitcoin. The rest was speculation, and that is going away as prices fall. So imagine how bitcoin would crash if people stopped paying these ransoms.Reply
>There are several different platforms out there that can shut a machine off if it becomes infected, and then keep all the other machines safe from the machine that is infected... Ramos said this is the type of software the county purchased after the attack, to protect the county’s server
So I'm not an expert by any means, but I can't picture how that is an effective protection. Either the detection can catch it before infection, in which case why shut down? Or it catches it after infection when it could have already spread.
Setting up that last backup sounds like a better use of money.Reply
A few bucks per taxpayer is no big deal IMOReply
This may be a very dumb crypto / ransomware question, but if someone knows the answer, I'd appreciate it.
Why don't businesses (or systems) seed their drives with files with known text / content and then use those files to reverse the method used to encrypt? It seems like having an adversary encrypt a set of known "canary" files should provide information to reverse the encryption?
Again, there may be a good reason (or many many good reasons) why this would not be a good solution, especially since I'd expect most OS installations have enough standard files to do this if it worked, but I am curious if someone knows.
Edit: From the helpful comments, this is a known class of attack on a cryptosystem called a plaintext attack. Using that information, I looked into how ransomware systems address this attack, and several, apparently, use per-file keys as, in part, a defense against this type of attack.Reply
Every time a hospital system pays off hackers (which happens all the time)... I assure you the ransom payment is also mostly coming out of your tax dollars.Reply
If it takes you 6 months to get your software back up and running, is it really a good backup solution ?Reply
“The only data that we had that wasn’t backed up was in our auditor's office, where we have our financial software,”
Seems to me that in modern times failing to back things up is incompetence and dereliction of duty. The auditor should be billed for at least part of the payment.Reply
Why didn't they just restore from back-up?Reply
For all of us shocked shocked about the county’s preparation and response, it’s worth noting that this is a county of population ~7000 and only about 5000 adults.
The number of people involved in government, and the resources available for professional support staff (and solution products) are probably modest to say the least.
A lot of you probably went to high schools that were bigger and more funded.Reply
Headline seems unnecessarily inflammatory. Putting aside the decision of whether or not they should've paid, what else were they going to pay with?Reply
> A recent ransomware attack on Brooks County’s Justice of the Peace and district courts, and finance department, cost it more than $37,000.
> “We had determined if we didn’t, then it would take us anywhere from six months to a year to reconstruct our software program,” Ramos said.
How much would it have cost for 6-12 months of engineer time plus the court system slowing to a crawl in the meantime? Thank god these hackers don't know how to negotiate.Reply
37,000$ really is not a huge amount.. surprised how low this amount is. Securing the systems and hiring more IT support services .. would have cost way more money honestly .
Perhaps ransomware is evolving to fine just right price point niche?Reply
It doesn't seem right that the incompetent people who didn't have backups and got themselves infected don't have to pay the consequences.Reply