The two kinds of computer users
-
There are 2 kinds of computer users in the world: Those who regularly backup data and systems images, and those who wish to gawd they did! :)
Get me coffee and no one gets hurt!
I took an image of my C drive yesterday after the news of the ransomware emails spreading through the UK press.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
-
I took an image of my C drive yesterday after the news of the ransomware emails spreading through the UK press.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
-
I took an image of my C drive yesterday after the news of the ransomware emails spreading through the UK press.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
Why? Do you open e-mail from people you don't know? Did you miss the 27,000 memos, too? 99% of good security boils down to not doing stupid things.
I wanna be a eunuchs developer! Pass me a bread knife!
-
Why? Do you open e-mail from people you don't know? Did you miss the 27,000 memos, too? 99% of good security boils down to not doing stupid things.
I wanna be a eunuchs developer! Pass me a bread knife!
-
Why? Do you open e-mail from people you don't know? Did you miss the 27,000 memos, too? 99% of good security boils down to not doing stupid things.
I wanna be a eunuchs developer! Pass me a bread knife!
In an attempt to become the most secure IT company a local IT company shut down all their computers, fired all the employees, then the CEO resigned :)
Visit my blog at Sander's bits - Writing the code you need. Or read my articles at my CodeProject profile.
Simplicity is prerequisite for reliability. — Edsger W. Dijkstra
Regards, Sander
-
In an attempt to become the most secure IT company a local IT company shut down all their computers, fired all the employees, then the CEO resigned :)
Visit my blog at Sander's bits - Writing the code you need. Or read my articles at my CodeProject profile.
Simplicity is prerequisite for reliability. — Edsger W. Dijkstra
Regards, Sander
-
Sounds like you fall into the second category. Good luck!
Get me coffee and no one gets hurt!
Kidding, right? My back-up routine falls under the military category "Mutual Support", with files flying in every direction, from every machine to every machine, in perfectly-timed relays. It's better planned than the bus services in most cities. I could lose two-thirds of the machines on my network without losing a file, and would only lose any important files if all the devices failed at the same time as the Internet was switched off forever. But I'm still not so stupid as to open e-mails from people I don't know, and will only open attachments to e-mails if the person has told me in advance (through a medium other than e-mail) that he's sending me an e-mail with an attachment.
I wanna be a eunuchs developer! Pass me a bread knife!
-
Why? Do you open e-mail from people you don't know? Did you miss the 27,000 memos, too? 99% of good security boils down to not doing stupid things.
I wanna be a eunuchs developer! Pass me a bread knife!
I don't open links from a non-known provenance. However these emails were quite clever in that they included the postal addresses of the people they were aimed at. This fooled a lot of people into clicking on the link. I could imagine the next version would be hackers looking for the word 'love' at the end of an email account they had hacked, then do an analysis of the email, write a similar email with a "look at these funny cat videos" link and spoof the sender's address. This could catch out even the most battle hardened IT troopers as not many of us can resist funny cat videos from family members. I remember the good old earlier days of the interwebs when precisely for this reason we were all recommended to switch off javascript in our browsers and never click on any links in emails. However nowadays browser security may again be becoming an issue largely because of the predominance of javascript enabled attacks. I hope I am wrong on this front and if I am please correct me.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
-
I don't open links from a non-known provenance. However these emails were quite clever in that they included the postal addresses of the people they were aimed at. This fooled a lot of people into clicking on the link. I could imagine the next version would be hackers looking for the word 'love' at the end of an email account they had hacked, then do an analysis of the email, write a similar email with a "look at these funny cat videos" link and spoof the sender's address. This could catch out even the most battle hardened IT troopers as not many of us can resist funny cat videos from family members. I remember the good old earlier days of the interwebs when precisely for this reason we were all recommended to switch off javascript in our browsers and never click on any links in emails. However nowadays browser security may again be becoming an issue largely because of the predominance of javascript enabled attacks. I hope I am wrong on this front and if I am please correct me.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
Oh, c'mon. Do we have to Get Darth Vader to climb back into his Green Cross Man costume? Don't open any e-mail that has an attachment without first confirming with the person who (appears to have) sent it to you, show only picture placeholders by default, and look both ways before crossing the road. It ain't rocket surgery. Curiosity killed the computer.
I wanna be a eunuchs developer! Pass me a bread knife!
-
Kidding, right? My back-up routine falls under the military category "Mutual Support", with files flying in every direction, from every machine to every machine, in perfectly-timed relays. It's better planned than the bus services in most cities. I could lose two-thirds of the machines on my network without losing a file, and would only lose any important files if all the devices failed at the same time as the Internet was switched off forever. But I'm still not so stupid as to open e-mails from people I don't know, and will only open attachments to e-mails if the person has told me in advance (through a medium other than e-mail) that he's sending me an e-mail with an attachment.
I wanna be a eunuchs developer! Pass me a bread knife!
Seems you have backups under control. The problem is not emails from scumbag entities, but more: Infected websites. I NEVER EVER open emails from untrusted sources, especially if it says it has an invoice attached. X| However, when browsing for info on the Internet: How do you know in advance that a particular link that came up in Google is infected? I refuse to cower in a safe little corner of the Internet for fear of infection. Because of a disciplined backup regime, I can recover from an infection in a minimum of time. (So far this year I had to do it three times!)
Get me coffee and no one gets hurt!
-
Why? Do you open e-mail from people you don't know? Did you miss the 27,000 memos, too? 99% of good security boils down to not doing stupid things.
I wanna be a eunuchs developer! Pass me a bread knife!
One of our customers recently opened a link from an email from his internet provider. The link looked alright (formatted as provider.com/businessinvoice), but actually linked to some weird website from Italy. The email was signed by the manager products and marketing (because they send invoices, apparently). A quick Google even learned this guy wasn't director anymore, but who checks that (I'm surprised they even used an actual person's name). It was sent to jobs@company.com, because it's totally legit that the email address for job gets invoices. And it contained sentences like "To get more info a! bout...". WHY THE HELL DO PEOPLE OPEN THESE LINKS!? :~ In this case the result was CryptoLocker, booooooom! Mandatory Dilbert[^]
Visit my blog at Sander's bits - Writing the code you need. Or read my articles at my CodeProject profile.
Simplicity is prerequisite for reliability. — Edsger W. Dijkstra
Regards, Sander
-
Oh, c'mon. Do we have to Get Darth Vader to climb back into his Green Cross Man costume? Don't open any e-mail that has an attachment without first confirming with the person who (appears to have) sent it to you, show only picture placeholders by default, and look both ways before crossing the road. It ain't rocket surgery. Curiosity killed the computer.
I wanna be a eunuchs developer! Pass me a bread knife!
Mark_Wallace wrote:
Oh, c'mon. Do we have to Get Darth Vader to climb back into his Green Cross Man costume?
:laugh: I agree with what you are saying and think your previous post with the solution of having a means of replicating files is a decent way to go if you have the hardware resources.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
-
One of our customers recently opened a link from an email from his internet provider. The link looked alright (formatted as provider.com/businessinvoice), but actually linked to some weird website from Italy. The email was signed by the manager products and marketing (because they send invoices, apparently). A quick Google even learned this guy wasn't director anymore, but who checks that (I'm surprised they even used an actual person's name). It was sent to jobs@company.com, because it's totally legit that the email address for job gets invoices. And it contained sentences like "To get more info a! bout...". WHY THE HELL DO PEOPLE OPEN THESE LINKS!? :~ In this case the result was CryptoLocker, booooooom! Mandatory Dilbert[^]
Visit my blog at Sander's bits - Writing the code you need. Or read my articles at my CodeProject profile.
Simplicity is prerequisite for reliability. — Edsger W. Dijkstra
Regards, Sander
-
Did your customer pay, or was he fully backed up. Note: Most cryptolockers will encrypt even NAS devices. Backing up to a NAS is simply not enough!
Get me coffee and no one gets hurt!
I really don't know. He wasn't my customer or even a customer of the team. Just a customer of the company and someone shared the story on our internal website (with screenshot). Come to think of it, maybe this was one of those "friend of a friend" scenario's and he really meant "me" when he said "customer" :laugh:
Visit my blog at Sander's bits - Writing the code you need. Or read my articles at my CodeProject profile.
Simplicity is prerequisite for reliability. — Edsger W. Dijkstra
Regards, Sander
-
Seems you have backups under control. The problem is not emails from scumbag entities, but more: Infected websites. I NEVER EVER open emails from untrusted sources, especially if it says it has an invoice attached. X| However, when browsing for info on the Internet: How do you know in advance that a particular link that came up in Google is infected? I refuse to cower in a safe little corner of the Internet for fear of infection. Because of a disciplined backup regime, I can recover from an infection in a minimum of time. (So far this year I had to do it three times!)
Get me coffee and no one gets hurt!
Well, my Interwebs use is pretty dull, compared to most people's. I haven't done much surfing for years (mainly because 85% of what you find by surfing is better left unfound), and I never click links that have emphatic adjectives in them. "This could cause me to have to do work that I don't want to do" is always in the back of my mind, so I always think twice before clicking almost anything. I think I'll get a T-shirt printed with "Curiosity Killed the Computer!" (and "No, I won't Fix it for You!" on the back).
I wanna be a eunuchs developer! Pass me a bread knife!
-
One of our customers recently opened a link from an email from his internet provider. The link looked alright (formatted as provider.com/businessinvoice), but actually linked to some weird website from Italy. The email was signed by the manager products and marketing (because they send invoices, apparently). A quick Google even learned this guy wasn't director anymore, but who checks that (I'm surprised they even used an actual person's name). It was sent to jobs@company.com, because it's totally legit that the email address for job gets invoices. And it contained sentences like "To get more info a! bout...". WHY THE HELL DO PEOPLE OPEN THESE LINKS!? :~ In this case the result was CryptoLocker, booooooom! Mandatory Dilbert[^]
Visit my blog at Sander's bits - Writing the code you need. Or read my articles at my CodeProject profile.
Simplicity is prerequisite for reliability. — Edsger W. Dijkstra
Regards, Sander
-
They get email all the time has "VOICE MAIL MESSAGE FROM 5139756654 53sec" or randome numbers. Inside is voice mail message.zip In there becomes voice mail message.wav.exe :(
I remember years ago, when the Unix and Apple anti-Windows-Bitching Brigade (this was pre-Linux) were going on and on about one of the reasons Windows was cr@p was that it used file extensions, and files should be opened according to their content, not some stupid three-letter extension. Trying to explain to a moron that he's a moron was just as hard then as it is now.
I wanna be a eunuchs developer! Pass me a bread knife!
-
I remember years ago, when the Unix and Apple anti-Windows-Bitching Brigade (this was pre-Linux) were going on and on about one of the reasons Windows was cr@p was that it used file extensions, and files should be opened according to their content, not some stupid three-letter extension. Trying to explain to a moron that he's a moron was just as hard then as it is now.
I wanna be a eunuchs developer! Pass me a bread knife!
-
They get email all the time has "VOICE MAIL MESSAGE FROM 5139756654 53sec" or randome numbers. Inside is voice mail message.zip In there becomes voice mail message.wav.exe :(
Well, don't leave us in excitement! What did the voice mails say!? ;p
Visit my blog at Sander's bits - Writing the code you need. Or read my articles at my CodeProject profile.
Simplicity is prerequisite for reliability. — Edsger W. Dijkstra
Regards, Sander
