Sunday, November 26, 2017
When being ONLINE costs you $250,000. A warning thats good for all businesses (and IT people)
Being online is the big trend (obviously). Everything has to be connected, fast, immediate.
I'm writing this short post to warn people about a common (it turns out) mistake.
Every time I leave on a business trip, I get an emergency call. Every single time.
I'm in Paris, it's 1:25am, I just got here a few days ago and am still jet lagged, and I get an emergency call from a trusted contact that one of his clients is in trouble. I have just enjoyed a series of good wines in the hopes of falling asleep and moving into this timezone and now I have to talk a jumper down from the ledge (just kidding, this client was relatively calm).
Well, this "trouble" I have seen 4 times in the last 3 weeks which I'm starting to find alarming.
Ransomeware is the culprit. The difference is this time, a longer then usual series of mistakes has led to three interconnected companies to being infected. A real lottery winner in the world of Ransomeware.
The initial ransom requested : $250,000 (20 bitcoins)
So this is my forth case in three weeks..... what do they all have in common...... Online backups.
- Some have disk to disk live backs
- Some have a large USB key stuck in something somewhere and thats their backup
- Some have online (Internet) backup but only pay to keep one full copy (crappy service in my mind).
In this day and age, the fact that companies are failing at one of the oldest IT issues (a fondamental one) is still surprising me.
Live (always connected) backups usually means no backups when the right failure takes place.
CALL TO ACTION
So if you "think" you have backups, check if they are offline. Check if they would survive a ransomware attack.
And by check I mean have a "real" security expert validate your backup architecture.
You see, when you have good backups, you don't have to pay large sums of money to criminals to get your data back.
Wow.... what a novel idea. Backups that work!
This reminds me of a legal case from many years ago between a large and respected (cough cough) IT firm that had screwed up one of their important clients backup.
In the court hearings, the IT service provider actually said the following: "Our contract stipulates that we take backups and makes no guarantees that we can restore them". Can you imagine being told that after you've lost all your data.
Trust but verify.
I'm going to bed now, before my wine stops making me happy.
This will be a short blog entry. Essentially, a general observation. If your enterprise was breached and screenshots of user account passwo...
Timing is everything you know Publishing that government systems have been compromised on a Friday must be part of the Anonymous strategy....
UPDATE JAN 2nd 2020 - 13:45. The 37 gig file contains email addresses used in phishing attacks. The emails contained are a complete mix of...