The two kinds of computer users
-
Why? Do you open e-mail from people you don't know? Did you miss the 27,000 memos, too? 99% of good security boils down to not doing stupid things.
I wanna be a eunuchs developer! Pass me a bread knife!
I don't open links from a non-known provenance. However these emails were quite clever in that they included the postal addresses of the people they were aimed at. This fooled a lot of people into clicking on the link. I could imagine the next version would be hackers looking for the word 'love' at the end of an email account they had hacked, then do an analysis of the email, write a similar email with a "look at these funny cat videos" link and spoof the sender's address. This could catch out even the most battle hardened IT troopers as not many of us can resist funny cat videos from family members. I remember the good old earlier days of the interwebs when precisely for this reason we were all recommended to switch off javascript in our browsers and never click on any links in emails. However nowadays browser security may again be becoming an issue largely because of the predominance of javascript enabled attacks. I hope I am wrong on this front and if I am please correct me.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
-
I don't open links from a non-known provenance. However these emails were quite clever in that they included the postal addresses of the people they were aimed at. This fooled a lot of people into clicking on the link. I could imagine the next version would be hackers looking for the word 'love' at the end of an email account they had hacked, then do an analysis of the email, write a similar email with a "look at these funny cat videos" link and spoof the sender's address. This could catch out even the most battle hardened IT troopers as not many of us can resist funny cat videos from family members. I remember the good old earlier days of the interwebs when precisely for this reason we were all recommended to switch off javascript in our browsers and never click on any links in emails. However nowadays browser security may again be becoming an issue largely because of the predominance of javascript enabled attacks. I hope I am wrong on this front and if I am please correct me.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
Oh, c'mon. Do we have to Get Darth Vader to climb back into his Green Cross Man costume? Don't open any e-mail that has an attachment without first confirming with the person who (appears to have) sent it to you, show only picture placeholders by default, and look both ways before crossing the road. It ain't rocket surgery. Curiosity killed the computer.
I wanna be a eunuchs developer! Pass me a bread knife!
-
Kidding, right? My back-up routine falls under the military category "Mutual Support", with files flying in every direction, from every machine to every machine, in perfectly-timed relays. It's better planned than the bus services in most cities. I could lose two-thirds of the machines on my network without losing a file, and would only lose any important files if all the devices failed at the same time as the Internet was switched off forever. But I'm still not so stupid as to open e-mails from people I don't know, and will only open attachments to e-mails if the person has told me in advance (through a medium other than e-mail) that he's sending me an e-mail with an attachment.
I wanna be a eunuchs developer! Pass me a bread knife!
Seems you have backups under control. The problem is not emails from scumbag entities, but more: Infected websites. I NEVER EVER open emails from untrusted sources, especially if it says it has an invoice attached. X| However, when browsing for info on the Internet: How do you know in advance that a particular link that came up in Google is infected? I refuse to cower in a safe little corner of the Internet for fear of infection. Because of a disciplined backup regime, I can recover from an infection in a minimum of time. (So far this year I had to do it three times!)
Get me coffee and no one gets hurt!
-
Why? Do you open e-mail from people you don't know? Did you miss the 27,000 memos, too? 99% of good security boils down to not doing stupid things.
I wanna be a eunuchs developer! Pass me a bread knife!
One of our customers recently opened a link from an email from his internet provider. The link looked alright (formatted as provider.com/businessinvoice), but actually linked to some weird website from Italy. The email was signed by the manager products and marketing (because they send invoices, apparently). A quick Google even learned this guy wasn't director anymore, but who checks that (I'm surprised they even used an actual person's name). It was sent to jobs@company.com, because it's totally legit that the email address for job gets invoices. And it contained sentences like "To get more info a! bout...". WHY THE HELL DO PEOPLE OPEN THESE LINKS!? :~ In this case the result was CryptoLocker, booooooom! Mandatory Dilbert[^]
Visit my blog at Sander's bits - Writing the code you need. Or read my articles at my CodeProject profile.
Simplicity is prerequisite for reliability. — Edsger W. Dijkstra
Regards, Sander
-
Oh, c'mon. Do we have to Get Darth Vader to climb back into his Green Cross Man costume? Don't open any e-mail that has an attachment without first confirming with the person who (appears to have) sent it to you, show only picture placeholders by default, and look both ways before crossing the road. It ain't rocket surgery. Curiosity killed the computer.
I wanna be a eunuchs developer! Pass me a bread knife!
Mark_Wallace wrote:
Oh, c'mon. Do we have to Get Darth Vader to climb back into his Green Cross Man costume?
:laugh: I agree with what you are saying and think your previous post with the solution of having a means of replicating files is a decent way to go if you have the hardware resources.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
-
One of our customers recently opened a link from an email from his internet provider. The link looked alright (formatted as provider.com/businessinvoice), but actually linked to some weird website from Italy. The email was signed by the manager products and marketing (because they send invoices, apparently). A quick Google even learned this guy wasn't director anymore, but who checks that (I'm surprised they even used an actual person's name). It was sent to jobs@company.com, because it's totally legit that the email address for job gets invoices. And it contained sentences like "To get more info a! bout...". WHY THE HELL DO PEOPLE OPEN THESE LINKS!? :~ In this case the result was CryptoLocker, booooooom! Mandatory Dilbert[^]
Visit my blog at Sander's bits - Writing the code you need. Or read my articles at my CodeProject profile.
Simplicity is prerequisite for reliability. — Edsger W. Dijkstra
Regards, Sander
-
Did your customer pay, or was he fully backed up. Note: Most cryptolockers will encrypt even NAS devices. Backing up to a NAS is simply not enough!
Get me coffee and no one gets hurt!
I really don't know. He wasn't my customer or even a customer of the team. Just a customer of the company and someone shared the story on our internal website (with screenshot). Come to think of it, maybe this was one of those "friend of a friend" scenario's and he really meant "me" when he said "customer" :laugh:
Visit my blog at Sander's bits - Writing the code you need. Or read my articles at my CodeProject profile.
Simplicity is prerequisite for reliability. — Edsger W. Dijkstra
Regards, Sander
-
Seems you have backups under control. The problem is not emails from scumbag entities, but more: Infected websites. I NEVER EVER open emails from untrusted sources, especially if it says it has an invoice attached. X| However, when browsing for info on the Internet: How do you know in advance that a particular link that came up in Google is infected? I refuse to cower in a safe little corner of the Internet for fear of infection. Because of a disciplined backup regime, I can recover from an infection in a minimum of time. (So far this year I had to do it three times!)
Get me coffee and no one gets hurt!
Well, my Interwebs use is pretty dull, compared to most people's. I haven't done much surfing for years (mainly because 85% of what you find by surfing is better left unfound), and I never click links that have emphatic adjectives in them. "This could cause me to have to do work that I don't want to do" is always in the back of my mind, so I always think twice before clicking almost anything. I think I'll get a T-shirt printed with "Curiosity Killed the Computer!" (and "No, I won't Fix it for You!" on the back).
I wanna be a eunuchs developer! Pass me a bread knife!
-
One of our customers recently opened a link from an email from his internet provider. The link looked alright (formatted as provider.com/businessinvoice), but actually linked to some weird website from Italy. The email was signed by the manager products and marketing (because they send invoices, apparently). A quick Google even learned this guy wasn't director anymore, but who checks that (I'm surprised they even used an actual person's name). It was sent to jobs@company.com, because it's totally legit that the email address for job gets invoices. And it contained sentences like "To get more info a! bout...". WHY THE HELL DO PEOPLE OPEN THESE LINKS!? :~ In this case the result was CryptoLocker, booooooom! Mandatory Dilbert[^]
Visit my blog at Sander's bits - Writing the code you need. Or read my articles at my CodeProject profile.
Simplicity is prerequisite for reliability. — Edsger W. Dijkstra
Regards, Sander
-
They get email all the time has "VOICE MAIL MESSAGE FROM 5139756654 53sec" or randome numbers. Inside is voice mail message.zip In there becomes voice mail message.wav.exe :(
I remember years ago, when the Unix and Apple anti-Windows-Bitching Brigade (this was pre-Linux) were going on and on about one of the reasons Windows was cr@p was that it used file extensions, and files should be opened according to their content, not some stupid three-letter extension. Trying to explain to a moron that he's a moron was just as hard then as it is now.
I wanna be a eunuchs developer! Pass me a bread knife!
-
I remember years ago, when the Unix and Apple anti-Windows-Bitching Brigade (this was pre-Linux) were going on and on about one of the reasons Windows was cr@p was that it used file extensions, and files should be opened according to their content, not some stupid three-letter extension. Trying to explain to a moron that he's a moron was just as hard then as it is now.
I wanna be a eunuchs developer! Pass me a bread knife!
-
They get email all the time has "VOICE MAIL MESSAGE FROM 5139756654 53sec" or randome numbers. Inside is voice mail message.zip In there becomes voice mail message.wav.exe :(
Well, don't leave us in excitement! What did the voice mails say!? ;p
Visit my blog at Sander's bits - Writing the code you need. Or read my articles at my CodeProject profile.
Simplicity is prerequisite for reliability. — Edsger W. Dijkstra
Regards, Sander
-
I took an image of my C drive yesterday after the news of the ransomware emails spreading through the UK press.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
-
No, I do take images but they could be done more regularly. I checked my spreadsheet detailing which drives get imaged and when they were last imaged. My C drive was last imaged in November last year so I thought it would be a very good idea to create another image.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
-
There are 2 kinds of computer users in the world: Those who regularly backup data and systems images, and those who wish to gawd they did! :)
Get me coffee and no one gets hurt!
Ransomeware got into the place I work. The IT server group got called in and spent the night. In the morning, almost everything was restored from the backups.* I was unaffected: I (and the other developers) have a box and were not in the forest when the fire broke out. I've had fear of attack since the 80's. For the hell of it, I keep my (home) NAS offline much of the time. Sounds crazy, but it's become storage central (do they call that a personal cloud these days). All goodies survived super storm Sandy on it's raid-1 drives, and I only lost the computers. Much easier to replace. Except for the every-increasing cost of good aluminum foil, paranoia has its perks.
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"As far as we know, our computer has never had an undetected error." - Weisert
"If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
-
Do you pay a "wu mao" or two? Two upvotes for that looks very much like sock-puppetry, given that the person you replied to didn't get an upvote for actually saying what you only gave a thumbs-up to.
I wanna be a eunuchs developer! Pass me a bread knife!
-
Ransomeware got into the place I work. The IT server group got called in and spent the night. In the morning, almost everything was restored from the backups.* I was unaffected: I (and the other developers) have a box and were not in the forest when the fire broke out. I've had fear of attack since the 80's. For the hell of it, I keep my (home) NAS offline much of the time. Sounds crazy, but it's become storage central (do they call that a personal cloud these days). All goodies survived super storm Sandy on it's raid-1 drives, and I only lost the computers. Much easier to replace. Except for the every-increasing cost of good aluminum foil, paranoia has its perks.
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"As far as we know, our computer has never had an undetected error." - Weisert
"If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
-
No, I do take images but they could be done more regularly. I checked my spreadsheet detailing which drives get imaged and when they were last imaged. My C drive was last imaged in November last year so I thought it would be a very good idea to create another image.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
-
Do you pay a "wu mao" or two? Two upvotes for that looks very much like sock-puppetry, given that the person you replied to didn't get an upvote for actually saying what you only gave a thumbs-up to.
I wanna be a eunuchs developer! Pass me a bread knife!
-
Do you pay a "wu mao" or two? Two upvotes for that looks very much like sock-puppetry, given that the person you replied to didn't get an upvote for actually saying what you only gave a thumbs-up to.
I wanna be a eunuchs developer! Pass me a bread knife!
