An update on the school situation with ransomware from blog The Technology blog and podcast
This is for the technology blog and podcast Commentary, articles, and podcasts
An update on the school situation with ransomware
Hi folks,
I just got updated within the last hour in regards to the school situation I posted two days ago. To reread that post, please read Are schools next in the cyber race? for my thoughts.
The E-mail indicates that they paid $28,000 and got a key which so far has unlocked files necessary. They did this after the investigation indicated that they had a high probability of getting things restored. The E-mail does not say how long it will take but a process is in place.
Ransomware is an interesting thing, where backups are a necessity as paying may not be a good thing. The criminals know this,, so they offer chat and other business like services and in most cases, will deliver on their promise after payment is made.
It interests me the portion of the E-mail that states that failure to pay would result in loss of data. I believe that if there were backups, you wouldn’t need to pay any kind of money, and a school should do their best in making sure that backups are stored somewhere.
There are services out there like Carbonite which will back up a computer for a low price, or for larger networks, a bit of a higher price could be paid.
They are saying there are several thousand files to unlock, and it will take time.
Hopefully, none of the other computers along the network of schools in this district were effected and it was the only school. The link to the PDF was the same link i read and talked about from the prior post.
If you have any thoughts, lets talk about this one. Do you think backups would have been good? How could a large network like this do something like this without paying again if they are targeted again.
I’m wondering if someone clicked something, maybe by accident, that installed whatever ransomware family they got? What are your thoughts?
Informazioni sull'articolo
An update on the school situation with ransomware was released on January 6, 2017 at 5:41 pm by tech in article commentary.
Last modified: January 6, 2017.
Comments (2)
-
Comment by tech date 7 January 2017 alle 15:08 (),
Hi Shaun,
This is very interesting, but I don’t know if your method will work much longer once someone figures it out, and they will. Its not necessary to use all these tools, but unique passwords are now something recommended by everyone. Most people will not have backups, and you’re right, this is what they look for. I believe something somewhere needs to change but it has to start with recommended methods.
-
Comment by crashmaster date 7 January 2017 alle 12:28 (),
Hi jared.
Ransomware is a big industry people tend to pay.
True you could have backups but not everyone keep backups.
And if your backups got infected to well.
I have 2 external hdds here which I plug in and use for backup so I have 2 coppies.
However if one fails the other may and I had had several go and one came back and I managed to get my data off of it bar 1 or 2 folders which were not big losses.
It is not standard that the standard user always will be as good as some techs about keeping a backup.
There are even people saying we should upload all our data to the cloud, and I still like offline storage but even so with all the ultra books with 128gb ssds meaning we will have to run off an external all the time which I don’t fully aggree with or run off the cloud which is fine if the net works however paying 10 bucks per month minimum for 1tb of data and more for more and suddenly you wander if its easier to just buy an external for the price.
I shouldn’t in theory keep all my backups in the same room as my work drives but I do.
I should have a password generator and I should have different passwords for every site but I don’t.
I should have 2 factor authentication for all my devices and accounts and sepperate passwords for things but I don’t.
Reason all that means its just another thing to remember.
My dad tried it on his phone.
He remembers his passwords a lot less than I do so promptly forgot it.
When I said use a cloud or other generator his thing was well it could get hacked.
So if you take that analogy you need to store everything locally else you get hacked till it fails, but then you need to back up it on a cloud where you can get hacked.
So you get ransomware, and you think, well if I had it on something where that wouldn’t matter that wouldn’t be a problem but that could get hacked and everything I have could get hacked so I may as well pay it.
Read my last post about the endless fucking loop we have pushed ourselves into.
The cycle of securing to be secure but being hacked and the posibility of it being hacked we don’t do anything about it and then things fall over.
I use the same few passwords for 99% of my stuff.
I don’t use password generators or cloud storage services for important stuff where I could get hacked.
True maybe I am risking it but I am out of the loop, I don’t have 2 factor authentication I don’t have app passwords, I have basic ms security.
I just get on with my life.
Yes I am probably not good but I am out of the loop.
I will take loads of passive protection because it doesn’t do much bar prevent thats why I use firefox and with all the blockers I can run with it.
I also clear my junk.
My dad managed to get it all set but forgot things.
We had to recreate all his passwords for all his apple accounts which then blocked all the computers and phones in the house till he reset all his passwords and email forewards and the like.
I have just retired all my simple passwords I have had for 5 years because one of them on ms said I may have been hacked, I don’t actually give a fuck but it was something to do so I changed it.
Twitter and ms are not anything I care about well ms since I shop with it but since I still have to enter my paypal password to actually buy something I see myself with at least having a chance or something though who knows what that means.
Mum got the same with her phone, and we had to reset email and all her other things and it was really bad.
My friend who I walked with with win10 had something like this happen.
The system wouldn’t sign in because it said they were hacked.
They went into their account and it was fine but they had a system upgrade and well things needed to be done.
It was sorted out.
But it wouldn’t work on the system because the security software said they were hacked but they had to log in to change the password and other things.
I had to reformat that and all their win10 systems just to get that fixed.
We are allready looping.
There are several ways to get out of this.
1. never login with your online account ever as your system account.
A local account is always best at least you get access to your files.
2. only open what you need and close it when you are done.
I login with twitter or facebook or whatever if I am using it same with dropbox.
In 10 I do have app logins set for some stuff but even so.
I only plug my drives in to load something or if I want to pay something I play something.
Even though we have ssds and even though they do fail a lot I am still for the large spinning disk units even if they make the system bigger.
I have most of my data on my internal.
I al also for big laptops and cd drives so we don’t have to carry round extras.
I am not for ultrabooks, tablets and the like.
I want someone to bring back old speakers back and all the other stuff that used to be.
I think the more complex a system is, sadly even though its more secure the more chance we can get hit with a nice bit of ransomware or a trogen.
THat trogen is us we can really fuck up ourselves and everything.
In dos I knew what I was doing.
In linux I know some of what I am doing.
in win9x through xp I had an idea of what I was up to.
in 7 I have some idea unless it really breaks.
Now we have systems so simple that if something breaks we don’t know what to do.
I have talked to people where I get the following scenario.
1, there is a problem.
Put in the recovery disk and let it fix it.
A full reformat always fixes everything its not the last resort its the first thing that you do because you don’t know what is broken, you don’t even know what a recovery disk does!
2. the registry, its another language who would touch it I wouldn’t.
3. we know hardly much about our computers anymore we are so with security and such that if it dies then we take it to get fixed.
The shop does not fix your stuff they will reformat it, delete your data, and then maybe incript it and put ransomware on it or it feels like it anyway.
We have lost the baility to diagnose and fix things as have I.
Its a sad truth we have no idea what we are doing anymore.
Leave a comment
You must be logged in to post a comment.
navigation menu
- Archives
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- Categories of this blog
- Subscribe to Blog via Email
Join 10 other subscribers
- The tech blog’s pages
- Blogroll
- Crashmasters blog
- Cyberscoop
- Documentation
- Improve Internet Accessibility for Individuals with Impaired Vision
- International friends network stream
- Kim Komando
- Krebs On Security
- Plugins
- Register to this site
- Suggest Ideas
- Support Forum
- supporters and partners
- the blind perspective
- The Jared Rimer Network donations page
- The Phishlabs Blog
- The Security Box discussion list
- The Technology blog and podcast and TSB on amazon music podcasts
- Themes
- toptechtidbits
- WordPress Blog
- WordPress Planet
- “Blind VMS and the Tech podcast join forces”