Proper backup procedure in response to threats such as Cryptolocker

Page 2 - AnandTech Forums

Shmee

Memory & Storage, Graphics Cards Mod Elite Member
Super Moderator
Sep 13, 2008
8,124
3,059
146
Can Cryptolocker infect a Linux PC? To my understanding it is very unlikely, and thus at work we use an offline live linux boot for PCs suspected of Crypto malware.
 

hoorah

Senior member
Dec 8, 2005
755
18
81
"never open an exe file from the Internet".

The problem with that is that people don't know they're opening an exe. JPEG.exe is a photo, right?

Some people just aren't going to get it. Those, apparently, are the people we hire.
 

hoorah

Senior member
Dec 8, 2005
755
18
81
Also, to answer the OP, I am not using anything sophisticated currently. I'm just using SyncBack, and I take a look at the amount of data it plans on copying before I hit go. If it's a huge amount (or all of it), I stop to take a closer look.

It's slower, and not automated, but better than losing everything.
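The manual "look at how much it wants to copy before hitting go" check above can be automated. The following is an added example, not code from the thread or from SyncBack: it keeps a manifest (relative path, size, SHA-256) from the last good backup run, compares it with the current state of the source tree, and refuses to start the sync when the share of modified or missing files exceeds a threshold. Mass modification plus renames is exactly what a Cryptolocker-style infection looks like from the backup's point of view, and stopping before the sync preserves the good copies. The file names, the 20% threshold and the `demo()` scenario are constructed for illustration.

```python
"""Pre-backup sanity check: refuse to sync when too much has changed.

Added example (hypothetical): a manifest from the last good backup is
compared with the current source tree; a high fraction of modified or
missing files aborts the run so the backup is not overwritten.
"""
import hashlib
import os
import tempfile
from pathlib import Path


def build_manifest(root: Path) -> dict:
    """Map relative path -> {size, sha256} for every regular file under root."""
    manifest = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            digest = hashlib.sha256(p.read_bytes()).hexdigest()
            manifest[str(p.relative_to(root))] = {"size": p.stat().st_size, "sha256": digest}
    return manifest


def change_report(previous: dict, current: dict) -> dict:
    """Compare two manifests. Renamed files count as missing (old path gone)."""
    modified = [k for k in previous if k in current and previous[k]["sha256"] != current[k]["sha256"]]
    missing = [k for k in previous if k not in current]
    added = [k for k in current if k not in previous]
    total = max(len(previous), 1)          # first run (empty manifest) -> ratio 0
    ratio = (len(modified) + len(missing)) / total
    return {"modified": modified, "missing": missing, "added": added, "change_ratio": ratio}


def should_run_backup(previous: dict, current: dict, max_change_ratio: float = 0.2):
    """Return (ok, report). ok is False when the change ratio exceeds the threshold."""
    report = change_report(previous, current)
    return report["change_ratio"] <= max_change_ratio, report


def demo() -> tuple:
    """Constructed scenario: 10 documents, then 8 are overwritten and a note appears."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for i in range(10):
            (root / f"doc{i}.txt").write_text(f"quarterly report {i}\n")
        baseline = build_manifest(root)                      # last good run
        ok_before, _ = should_run_backup(baseline, build_manifest(root))

        # Simulate mass modification: 8 of 10 files replaced with random bytes
        # plus one new file, the pattern a backup run should refuse to copy.
        for i in range(8):
            (root / f"doc{i}.txt").write_bytes(os.urandom(64))
        (root / "README_NOTE.txt").write_text("constructed sample note\n")
        ok_after, report = should_run_backup(baseline, build_manifest(root))
        return ok_before, ok_after, report["change_ratio"]


if __name__ == "__main__":
    print(demo())   # (True, False, 0.8)
```

In a real job the manifest would be written to the backup target after each successful run and reloaded before the next one; a run that trips the threshold should page someone rather than silently skip, since a legitimate bulk change (a reorganised share) looks the same to this check.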
 

McLovin

Golden Member
Jul 8, 2007
1,911
58
91
So funny story.

About a year ago my former employer got infected with Cryptolocker. It hit the email of the CEO's Assistant and she had access to a whole bunch of shared folders on our "server".

Cryptolocker infected not only her Laptop, but all those shared folders as well. She tried to blame someone else, but once the Cryptolocker message came up on her PC, she was caught lol.

This company was not on a Domain network and each PC only had local user login. The assistant's account was set up as an admin so needless to say she was hosed. The "server" was in fact a server with Server 2008 R2, but was only used by the accounting department for Great Plains and the shared folders that a few people used.

Worst part is, all of the assistant's files were corrupted, as well as ALL of the shared folders she had access to, including a dropbox account. My boss swore up and down that AT&T was giving him some sort of remote cloud backup service that we had been paying for 2 years and guess what? That backup solution did not work. We had no backup for her pc, or anyone else's PCs for that matter, nor did we have a backup for the server and all those shared files. We had to pay the ransom of almost $2,500 to get our info back.

Neither my Boss nor the Assistant was fired or reprimanded, and when I was laid off in November, a backup system was still not in place.

Side story, we gave our Medical Director a new PC when she got a promotion to that position and I transferred her data over to the new PC. 6 months later, the HDD on that new system failed. It failed so badly, data recovery was impossible. MY first response was, it's cool my Boss will have a backup of her PC and we can just restore the data. Nope. No data backup. She was PISSED. When she asked him why he hadn't bothered to have a backup of her system and the 10 YEARS worth of documents she had accumulated working for us, his answer was "I'm not responsible for your data or backing it up, that's your job".

He was not fired or reprimanded for that incident either. This incident also took place before the Cryptolocker Incident and is how I found out that he had been lying about not having backups of anybody's stuff.
 

Cerb

Elite Member
Aug 26, 2000
17,484
33
86
The problem with that is that people don't know they're opening an exe. JPEG.exe is a photo, right?

Some people just aren't going to get it. Those, apparently, are the people we hire.
Second problem: how many EXEs can you run that don't come from the internet? Out of everything installed on the PC I'm at right now, I can come up with all of 2, over the machine's entire lifespan, so far.
 

corkyg

Elite Member | Peripherals
Super Moderator
Mar 4, 2000
27,370
239
106
The problem with that is that people don't know they're opening an exe. JPEG.exe is a photo, right?

No! *.jpg is a photo.

Here's how I do it. I keep a cloned duplicate of my SSD on an external HDD. When that is done, the drive is disconnected. I reclone that anytime there is an upgrade/update, etc. If, for some reason, my SSD falls victim to any malware, I shut down. I connect the duplicate HDD (in an eSATA-linked case), and boot to my cloneware on a bootable thumbdrive. I clone the HDD to the corrupted SSD. When done, I disconnect the HDD and reboot to the SSD - all fixed, no malware.
 
Feb 25, 2011
16,991
1,620
126
I wonder how efficient ZFS snapshots and dedup/compression would be for long-term archival.

Since ZFS snapshots are at the file system level, it wouldn't (shouldn't?) matter if cryptolocker nailed all the data on the network share, you could just revert to the previous snapshot and then restore the client from the last unencrypted backup.

I'm thinking you could automate that pretty effectively if you were using a ZFS-backed NAS for client backups.
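The "revert the share to the previous snapshot" step above is straightforward to script on a ZFS-backed NAS. The following is an added example, not code from the thread or from any NAS product: it parses the output of `zfs list -H -p -t snapshot -o name,creation <dataset>` (tab-separated, creation time as Unix epoch seconds), picks the newest snapshot taken before the time the encryption is believed to have started, and builds the `zfs rollback -r` (or, for a forensic copy, `zfs clone`) command. The sample `zfs list` output, dataset and snapshot names, and the infection time are all constructed for illustration.

```python
"""Pick the last clean ZFS snapshot of a share and build the recovery command.

Added example (hypothetical names and times). Input is the text printed by:
    zfs list -H -p -t snapshot -o name,creation tank/clients
"""
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Snapshot:
    name: str      # e.g. tank/clients@auto-2015-03-03_0200
    created: int   # Unix epoch seconds (zfs list -p prints creation this way)


# Constructed sample output: nightly snapshots at 02:00 UTC, 1 - 4 March 2015.
SAMPLE_ZFS_LIST = (
    "tank/clients@auto-2015-03-01_0200\t1425175200\n"
    "tank/clients@auto-2015-03-02_0200\t1425261600\n"
    "tank/clients@auto-2015-03-03_0200\t1425348000\n"
    "tank/clients@auto-2015-03-04_0200\t1425434400\n"
)


def parse_zfs_list(text: str) -> List[Snapshot]:
    """Parse `zfs list -H -p -t snapshot -o name,creation` output, oldest first."""
    snaps = []
    for line in text.splitlines():
        if not line.strip():
            continue
        name, created = line.split("\t")
        snaps.append(Snapshot(name, int(created)))
    return sorted(snaps, key=lambda s: s.created)


def last_clean_snapshot(snaps: List[Snapshot], infection_epoch: int,
                        margin: int = 0) -> Optional[Snapshot]:
    """Newest snapshot created at least `margin` seconds before the infection.

    Use a margin when the start of the encryption is only roughly known;
    Cryptolocker may have been running for a while before anyone noticed.
    """
    candidates = [s for s in snaps if s.created <= infection_epoch - margin]
    return candidates[-1] if candidates else None


def rollback_command(snap: Snapshot) -> List[str]:
    """`zfs rollback -r` discards every snapshot newer than `snap` as well."""
    return ["zfs", "rollback", "-r", snap.name]


def clone_command(snap: Snapshot, clone_name: str) -> List[str]:
    """Non-destructive alternative: mount the clean state as a new dataset."""
    return ["zfs", "clone", snap.name, clone_name]


if __name__ == "__main__":
    snaps = parse_zfs_list(SAMPLE_ZFS_LIST)
    # Constructed: files on the share started changing 2015-03-03 10:30 UTC.
    infection = 1425378600
    clean = last_clean_snapshot(snaps, infection)
    print(" ".join(rollback_command(clean)))
    # zfs rollback -r tank/clients@auto-2015-03-03_0200
```

Two practical points for the automated version: the clients that write to the share must not be able to administer the NAS (snapshots are read-only from the SMB side, but an account that can run `zfs destroy` defeats the scheme), and prefer `clone` over `rollback -r` until the encrypted snapshots have been examined, since `-r` destroys them.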
 

hoorah

Senior member
Dec 8, 2005
755
18
81
No! *.jpg is a photo.

Yeah that was a little sarcasm there.

To be more direct, you can tell someone not to open an EXE, but the majority of people that get infected with viruses wouldn't be able to tell you the difference between an EXE and a photo.
 

corkyg

Elite Member | Peripherals
Super Moderator
Mar 4, 2000
27,370
239
106
Yeah that was a little sarcasm there.

To be more direct, you can tell someone not to open an EXE, but the majority of people that get infected with viruses wouldn't be able to tell you the difference between an EXE and a photo.

LOL! True enough. Perhaps they simply reap what they sow. :)
 

hoorah

Senior member
Dec 8, 2005
755
18
81
LOL! True enough. Perhaps they simply reap what they sow. :)

Well, I get to reap what they sow because I have to clean up the mess afterwards.

Too bad I have to stick with replacing hard drives and not replacing users. Glad this isn't my day job.