go to sections menu

An update on the school situation with ransomware from blog The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: article commentary > An update on the school situation with ransomware

Go to Homepage, contents or to navigation menu

An update on the school situation with ransomware

Hi folks,

I just got updated within the last hour in regards to the school situation I posted two days ago. To reread that post, please read Are schools next in the cyber race? for my thoughts.

The E-mail indicates that they paid $28,000 and got a key which so far has unlocked files necessary. They did this after the investigation indicated that they had a high probability of getting things restored. The E-mail does not say how long it will take but a process is in place.

Ransomware is an interesting thing, where backups are a necessity as paying may not be a good thing. The criminals know this,, so they offer chat and other business like services and in most cases, will deliver on their promise after payment is made.

It interests me the portion of the E-mail that states that failure to pay would result in loss of data. I believe that if there were backups, you wouldn’t need to pay any kind of money, and a school should do their best in making sure that backups are stored somewhere.

There are services out there like Carbonite which will back up a computer for a low price, or for larger networks, a bit of a higher price could be paid.

They are saying there are several thousand files to unlock, and it will take time.

Hopefully, none of the other computers along the network of schools in this district were effected and it was the only school. The link to the PDF was the same link i read and talked about from the prior post.

If you have any thoughts, lets talk about this one. Do you think backups would have been good? How could a large network like this do something like this without paying again if they are targeted again.

I’m wondering if someone clicked something, maybe by accident, that installed whatever ransomware family they got? What are your thoughts?

Informazioni sull'articolo

An update on the school situation with ransomware was released on January 6, 2017 at 5:41 pm by tech in article commentary.
Last modified: January 6, 2017.

Comments (2)

  1. Comment by tech date 7 January 2017 alle 15:08 (),

    Hi Shaun,

    This is very interesting, but I don’t know if your method will work much longer once someone figures it out, and they will. Its not necessary to use all these tools, but unique passwords are now something recommended by everyone. Most people will not have backups, and you’re right, this is what they look for. I believe something somewhere needs to change but it has to start with recommended methods.

  2. Comment by crashmaster date 7 January 2017 alle 12:28 (),

    Hi jared.
    Ransomware is a big industry people tend to pay.
    True you could have backups but not everyone keep backups.
    And if your backups got infected to well.
    I have 2 external hdds here which I plug in and use for backup so I have 2 coppies.
    However if one fails the other may and I had had several go and one came back and I managed to get my data off of it bar 1 or 2 folders which were not big losses.
    It is not standard that the standard user always will be as good as some techs about keeping a backup.
    There are even people saying we should upload all our data to the cloud, and I still like offline storage but even so with all the ultra books with 128gb ssds meaning we will have to run off an external all the time which I don’t fully aggree with or run off the cloud which is fine if the net works however paying 10 bucks per month minimum for 1tb of data and more for more and suddenly you wander if its easier to just buy an external for the price.
    I shouldn’t in theory keep all my backups in the same room as my work drives but I do.
    I should have a password generator and I should have different passwords for every site but I don’t.
    I should have 2 factor authentication for all my devices and accounts and sepperate passwords for things but I don’t.
    Reason all that means its just another thing to remember.
    My dad tried it on his phone.
    He remembers his passwords a lot less than I do so promptly forgot it.
    When I said use a cloud or other generator his thing was well it could get hacked.
    So if you take that analogy you need to store everything locally else you get hacked till it fails, but then you need to back up it on a cloud where you can get hacked.
    So you get ransomware, and you think, well if I had it on something where that wouldn’t matter that wouldn’t be a problem but that could get hacked and everything I have could get hacked so I may as well pay it.
    Read my last post about the endless fucking loop we have pushed ourselves into.
    The cycle of securing to be secure but being hacked and the posibility of it being hacked we don’t do anything about it and then things fall over.
    I use the same few passwords for 99% of my stuff.
    I don’t use password generators or cloud storage services for important stuff where I could get hacked.
    True maybe I am risking it but I am out of the loop, I don’t have 2 factor authentication I don’t have app passwords, I have basic ms security.
    I just get on with my life.
    Yes I am probably not good but I am out of the loop.
    I will take loads of passive protection because it doesn’t do much bar prevent thats why I use firefox and with all the blockers I can run with it.
    I also clear my junk.
    My dad managed to get it all set but forgot things.
    We had to recreate all his passwords for all his apple accounts which then blocked all the computers and phones in the house till he reset all his passwords and email forewards and the like.
    I have just retired all my simple passwords I have had for 5 years because one of them on ms said I may have been hacked, I don’t actually give a fuck but it was something to do so I changed it.
    Twitter and ms are not anything I care about well ms since I shop with it but since I still have to enter my paypal password to actually buy something I see myself with at least having a chance or something though who knows what that means.
    Mum got the same with her phone, and we had to reset email and all her other things and it was really bad.
    My friend who I walked with with win10 had something like this happen.
    The system wouldn’t sign in because it said they were hacked.
    They went into their account and it was fine but they had a system upgrade and well things needed to be done.
    It was sorted out.
    But it wouldn’t work on the system because the security software said they were hacked but they had to log in to change the password and other things.
    I had to reformat that and all their win10 systems just to get that fixed.
    We are allready looping.
    There are several ways to get out of this.
    1. never login with your online account ever as your system account.
    A local account is always best at least you get access to your files.
    2. only open what you need and close it when you are done.
    I login with twitter or facebook or whatever if I am using it same with dropbox.
    In 10 I do have app logins set for some stuff but even so.
    I only plug my drives in to load something or if I want to pay something I play something.
    Even though we have ssds and even though they do fail a lot I am still for the large spinning disk units even if they make the system bigger.
    I have most of my data on my internal.
    I al also for big laptops and cd drives so we don’t have to carry round extras.
    I am not for ultrabooks, tablets and the like.
    I want someone to bring back old speakers back and all the other stuff that used to be.
    I think the more complex a system is, sadly even though its more secure the more chance we can get hit with a nice bit of ransomware or a trogen.
    THat trogen is us we can really fuck up ourselves and everything.
    In dos I knew what I was doing.
    In linux I know some of what I am doing.
    in win9x through xp I had an idea of what I was up to.
    in 7 I have some idea unless it really breaks.
    Now we have systems so simple that if something breaks we don’t know what to do.
    I have talked to people where I get the following scenario.
    1, there is a problem.
    Put in the recovery disk and let it fix it.
    A full reformat always fixes everything its not the last resort its the first thing that you do because you don’t know what is broken, you don’t even know what a recovery disk does!
    2. the registry, its another language who would touch it I wouldn’t.
    3. we know hardly much about our computers anymore we are so with security and such that if it dies then we take it to get fixed.
    The shop does not fix your stuff they will reformat it, delete your data, and then maybe incript it and put ransomware on it or it feels like it anyway.
    We have lost the baility to diagnose and fix things as have I.
    Its a sad truth we have no idea what we are doing anymore.

Leave a comment

You must be logged in to post a comment.

go to sections menu

navigation menu

go to sections menu