Ransomware- How bad can it get?

stbartshopper

Senior Insider
We use a password manager, in our case Dashlane.
Apple seems to have fewer problems intrusion-wise than Android or other systems.
Even with two-step authentication, changing passwords and keeping them ‘difficult’ and non-repetitive, we are still concerned.
Initially the meat company said they had a backup system that was not infiltrated and therefore were only ‘sidelined’ for a short time period. Then we found out the company paid $11 million to stay in operation.
Would appreciate the digerati Forum members to weigh in….
 
Ransomware has nothing to do with personal computing and everything to do with enterprise computing. Critical system code is infiltrated and then altered to be unusable. When the money is bitcoined to the bad actors, the code is reversed and operations can continue. At least in theory.

2016: A strain of HDDCrypter infected San Francisco’s transport systems and demanded 100 bitcoins or $70,000 in ransom.
2017: An updated version of WannaCry infected the U.K.’s National Health Service, Telefonica, and other targets by exploiting EternalBlue, a vulnerability that Microsoft patched later in 2017. In total, WannaCry demanded $300 in bitcoin from more than 300,000 organizations worldwide.
2017: NotPetya first attacked power distributors in the Ukraine and the Netherlands and then later attacked the Ukraine’s government and the offices of multinationals in Spain.
2017: A BadRabbit outbreak attacked Ukrainian and Russian organizations via drive-by attacks. A ransom of .5 Bitcoins was demanded from hundreds of victims.
2018: A SamSam ransomware variant attacked Colorado’s Department of Transportation’s (CDOT) computers running Windows OS and McAfee AV software. Working with the FBI, the CDOT recovered its systems from backups but was infected by another SamSam variant just one month later.
2018: The City of Atlanta had several customer-facing systems infected by what was believed to be another SamSam attack. The city planned to pay a $51,000 ransom but the ransom payment was not approved by then mayor, Keisha Lance Bottoms. Instead, the city spent millions to rebuild the system.
2018: The Port of San Diego suffered a ransomware attack caused by another SamSam variant, bringing down the IT systems used by the Port.
2019: Two Florida governments, Riviera Beach and Lake City, were both attacked and paid hundreds of thousands of dollars to recover their data. Lake City suffered a triple attack where the Emotet malware downloaded Trickbot and Ryuk ransomware.
2019: Twenty local Texas government agencies were attacked by a coordinated REvil or Sodinokibi ransomware attack.
Here is a listing of some of the critical ransomware cyberattacks that occurred in 2020 and the variant used:

  • Australian-based Toll Group was hit twice by two different variants: NetWalker and Nefilim
  • New York-based Grubman Shire Meiselas & Sacks: REvil
  • University of California, San Francisco: NetWalker
  • U.S. defense subcontractor, Westech International: Maze
  • Multinational firm, Garmin: WastedLocker
  • University Hospital of Dusseldorf: Unpublished ransomware variant
  • LG Electronics and Xerox: Maze
  • Argentinian borders: NetWalker
The ransomware attack on the University Hospital of Dusseldorf resulted in the first fatality caused by ransomware.
 
I agree with JEK to a point. Ransomware has nothing to do with personal computing.

I do need to add one word though.

Yet.
 
Hopper, the very basic prevention steps are:

1) Delete any emails from an unknown source rather than opening them
2) Never click on a link in an email
3) Use a Password Manager

I have contacts in the infosec side of FAANG companies who I still talk to, and who I listen to. On their advice, I follow the above 3 rules religiously.

I used to work for a company who fired a person, who I thought was their best A/P person, after she flunked the company's internal email trolling test for the 3rd time. Tough, but that company really needed to be zero-tolerance.

Me, I've got encryption and external backup going on all over the place.

Hack my site, you'll end up in my sandbox. Hack my real PC, I'll do a bare-metal OS install, restore from backup, and hopefully figure out how you managed to get past everything which I have in place. Most likely, the external hack will give up on me and move on to someone else/easier.

And, anything which I have said is my opinion, not facts. You want facts, hire someone. Someone who will tell you pretty much what my opinions are.
 
I should add "stop giving out your email address to everyone who you have contact with". I have my real email address(es) and dozens of others. I don't trust anyone else's security. I never give out my real email address.
 