sman

How to Survive a Ransomware Attack Without Paying the Ransom


“https://p1htmlkernalweb.mybluemix.net/articles/How+to+Survive+a+Ransomware+Attack+Without+Paying+the+Ransom_5313135_bloomberg.html”

At around midnight Oslo time on March 19, 2019, computers owned by Norsk Hydro ASA, a large aluminum manufacturer, started encrypting files and going offline en masse. It took two hours before a worker at its operations center in Hungary realized what was happening. He followed a scripted security procedure and took the company’s entire network offline—including its website, email system, payroll, and everything else. By then, a lot of damage was already done. Five hundred of Hydro’s servers and 2,700 of its PCs had been rendered useless, and a ransom note was flashing on employees’ computer screens.

Some 35,000 employees were locked out of the company’s network, and Hydro had to shut down several manufacturing plants in Europe and the U.S. The ones still operating had to figure out how to do so without any computers. In the end, the attack would cost the company more than $60 million—way more than the $3.6 million the insurance policy has paid out so far, according to an earnings report. It was, according to the prosecutor investigating the breach, the worst cyberattack in Norway’s history.

Despite all this, Hydro never considered paying the ransom, because the anonymous hackers could have just taken their Bitcoin and disappeared. Even if they’d provided the key—and even if the key worked—it would have sent a message that Hydro was an easy mark, leading to future attacks and more extortion.

Instead, De Vliegher oversaw a fitful recovery from the attack, improvising with ancient PCs, fax machines, Post-it notes, and all manner of other analog technology. The response illustrates the painful reality that security consultants and law enforcement officials often bring up: Even when you do everything you can to protect yourself from a cyberattack, a determined adversary will almost always be able to wreak havoc. In other words, it’s less a question of how to stop hackers from breaking in than how to best survive the inevitable damage.

 

4 minutes ago, sman said:

How to Survive a Ransomware Attack Without Paying the Ransom

Simple: proper, regular image backups.

Edited by Porthos


Yes, true, but they have to be on external drives outside the network.

How To Ransomware-Proof Your Backups: 4 Key Best Practices

https://redmondmag.com/articles/2019/10/22/how-to-ransomware-proof-your-backups.aspx

Ransomware Attackers Use Your Cloud Backups Against You

https://www.bleepingcomputer.com/news/security/ransomware-attackers-use-your-cloud-backups-against-you/

Backups are one of the most, if not the most, important defenses against ransomware, but if not configured properly, attackers will use them against you.

Recently the DoppelPaymer Ransomware operators published on their leak site the Admin user name and password for a non-paying victim's Veeam backup software.

The new economics of data protection in a world of ransomware

“https://grahamcluley.com/cost-backups-ransomware/”

 


Please remember only trained Experts are allowed to provide advice on detection and removal of malware. Though well-meaning, let's not get too far ahead of ourselves here.

Thanks

 


I completely agree that only experts are the best to go to and advise on this. And with Redmond being reputed anti-malware experts, I couldn't stop myself from quoting their views.


Though I'm not an expert, as stated/advised in the Redmond article, one can't rest with backups, which can only be the last line of defense; the primary thing is to protect from getting infected with a good anti-ransomware tool.

This assumes more importance, as businesses/services can be hit if the reliance is only on backups, what with Linux servers getting targeted and even IT giants like Cognizant hit with ransomware too (my bro is in Cognizant), as per https://www.livemint.com/companies/news/it-services-giant-cognizant-hit-by-maze-ransomware-11587261188175.html

So, good anti-ransomware protection is a must for all netizens.
