|
Post by Old Techo on Oct 31, 2022 13:02:55 GMT 10
|
|
|
Post by nsgnomad on Nov 1, 2022 22:42:50 GMT 10
But for the everyday Joe, or forum member, what can they do? To the casual reader, the article doesn't mean very much.
|
|
|
Post by spaceland on Nov 2, 2022 7:01:03 GMT 10
The article does mean a lot to the likes of us. Everyone is a likely subject to these attacks. Our systems are easy to attack if left unprotected. They do attack sole users and demand a four or five figure sum to release your site.
What can we do? The better security suites like Bitdefender and its ilk have protection against ransomware attacks. Subscribe to a good one. The other thing is, be vigilant in your backup regime and system backups. If you are hit, you simply wipe your system, install a new one and reinstall your data.
|
|
|
Post by Old Techo on Nov 2, 2022 16:35:50 GMT 10
It’s true that my link was not of much value, but I wanted to raise the topic.
Perhaps this is more useful… www.malwarebytes.com/ransomware
Having data stolen as with Optus and Medibank is one thing but ransomware is another.
As a private individual, stolen data may not be much of a threat to you. Depends upon the nature of personal details. Of course identity and financial theft are significant issues if that was exposed.
One person I know keeps all of this sort of private risky stuff on a separate computer that is never connected to the internet. That is a great way to prevent on-line infection and theft.
Ransomware is another story. Your data may not be stolen at all but you can be denied any access whatsoever. Perhaps analogous to having your house locked and no way of gaining access by any means except pay a ransom.
A complete loss of access to computer data would be a disaster for me as I depend upon it so much. Apart from personal and financial stuff I have heaps of family history and genealogical stuff.
I have for at least 2 decades recommended installing your Operating System at least on its own hard drive partition and data on another. Better still put the OS on one hard drive and data on another hard drive. When I say hard drive that includes a Solid State Drive.
I have highly recommended the use of www.macrium.com/reflect-free-faq as a means of saving an image of your OS. The free version does all I need. I do an OS back-up maybe once every couple of months.
My nearly 1TB of Data lives on a separate hard drive and is backed-up every night when I shut down my PC. Said back-up is to yet another internal hard drive but also to an external hard drive that is only connected for the back-ups thus should be reasonably safe from a ransom attack. However even this method is not immune from attack as ‘sleeper’ ransomware can infect but not be activated for weeks. Being oblivious to the sleeper this means one can back-up the sleeper to an external drive.
If the Data back-up is pure data, meaning no executable files, then I don’t know how a sleeper file could ever run. I am out of my depth at this point.
The Macrium paid version claims to solve ransomware attacks… www.macrium.com/mig
General help… knowledgebase.macrium.com/
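The post above asks whether a data-only backup really holds no executable files. As an added example that is not part of the original posts, this Python sketch walks a backup folder and flags files that could run, judging by their leading bytes as well as their extension. The function names, the extension list (not exhaustive) and the sample files are all constructed for illustration.

```python
import os
import tempfile

# Leading bytes that mark a file as executable whatever its name says.
MAGIC = {b"MZ": "Windows PE executable", b"\x7fELF": "Linux ELF executable",
         b"#!": "script with interpreter line"}
# Extensions Windows will run or interpret when opened (assumed, not exhaustive).
RISKY_EXT = {".exe", ".dll", ".scr", ".bat", ".cmd", ".vbs", ".js",
             ".ps1", ".lnk", ".hta", ".docm", ".xlsm"}

def classify(path):
    """Return a reason string if the file could execute, else None."""
    with open(path, "rb") as fh:
        head = fh.read(4)
    for magic, label in MAGIC.items():
        if head.startswith(magic):
            return label
    ext = os.path.splitext(path)[1].lower()
    return "runnable extension " + ext if ext in RISKY_EXT else None

def scan_backup(root):
    """Walk a backup tree; return {relative_path: reason} for flagged files."""
    flagged = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(folder, name)
            try:
                reason = classify(full)
            except OSError:
                reason = "unreadable, check by hand"
            if reason:
                flagged[os.path.relpath(full, root)] = reason
    return flagged

def demo():
    """Build a small constructed backup tree and scan it."""
    samples = {
        "family_tree.txt": b"Smith, b. 1901\n",
        "holiday.jpg": b"MZ\x90\x00 constructed header, not a real program",
        "budget.xlsm": b"PK\x03\x04 constructed",
        "notes.pdf": b"%PDF-1.4 constructed",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return scan_backup(root)

if __name__ == "__main__":
    for path, reason in sorted(demo().items()):
        print(path, "->", reason)
```

The renamed `holiday.jpg` is caught by its `MZ` header even though its extension looks harmless, and the macro-enabled spreadsheet is caught by extension. An empty result only means nothing matched these particular checks.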
|
|
|
Post by spaceland on Nov 2, 2022 22:52:11 GMT 10
My nearly 1TB of Data lives on a separate hard drive and is backed-up every night when I shut down my PC. Said back-up is to yet another internal hard drive but also to an external hard drive that is only connected for the back-ups thus should be reasonably safe from a ransom attack. However even this method is not immune from attack as ‘sleeper’ ransomware can infect but not be activated for weeks. Being oblivious to the sleeper this means one can back-up the sleeper to an external drive.
The sleeper ransomware is one reason I don't bother with a system backup. I am more inclined to reinstall the whole operating system if I have a bad virus or ransomware attack. That way I know I have a clean system. As I use mainly non-proprietary applications, I have the installation downloads in a separate download directory. To ensure I have big problems, I will wipe both drives, install a new system and when it is operating, I will then reload my data drive from my backups after checking them with Bitdefender. I will have access to my app installation data and can reinstall my apps as I need them. I consider that will be easier than attempting to sort out damaged systems and data on my machine.
|
|
|
Post by Old Techo on Nov 3, 2022 8:40:42 GMT 10
I understand your approach PD but it won’t work for me.
The thing I dread most is having to install an OS from scratch on say a new PC or new hard drive. It takes me so much work and so long to complete.
I have so many Apps to reinstall and populate then arrange my desktop. Worst of all is setting up MS Office and especially Outlook. There is a lot of personalisation for Office and Outlook is a nightmare.
My desktop normally looks like the pic below (deliberately blurred) and Outlook Accounts cannot be exported or saved so each one must be created from scratch. As I have close to 100 accounts that takes many hours of monotonous typing.
It is possible that my last saved OS image could contain sleeper ransomware but in that case I would go back to the one before, or one before that. If my OS image was 6 months old it would only take minor tweaks to bring it up to date.
|
|
|
Post by spaceland on Nov 3, 2022 15:00:07 GMT 10
So how do you get on with a new computer? I doubt that I will have to recover from a ransomware attack as I get a new computer (generally in excess of 4 years.) Probably if I ever get locked out of my computer it will possibly be getting near to replacement time. If that happens, a new computer will sound good anyway.
|
|
|
Post by Old Techo on Nov 3, 2022 15:33:47 GMT 10
My current desktop I bought in May 2010 and I have had a replacement on my job list for 2 years but not gotten around to it. Early this year I did buy a new Lenovo laptop to replace my 2010 Toshiba and had to do the hard-slog of App manual installation and Outlook account creation. However my laptop does not need all of my desktop Apps nor Outlook accounts. It was still a pain though taking a few days to complete. I do have all of my App installation files on an internal dedicated hard drive so at least I'm not farting about with a heap of installation CD/DVDs.
|
|
|
Post by Old Techo on Nov 23, 2022 16:02:25 GMT 10
A few recent cyber comments here... ITbrief
|
|
|
Post by Old Techo on Nov 25, 2022 18:11:06 GMT 10
|
|
|
Post by Old Techo on Dec 7, 2022 13:12:43 GMT 10
|
|
|
Post by Old Techo on Dec 28, 2023 9:45:29 GMT 10
Even the Germans get caught...
www.bleepingcomputer.com/news/security/lockbit-ransomware-disrupts-emergency-care-at-german-hospitals/?utm_source=dlvr.it&utm_medium=twitter
German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) has confirmed that recent service disruptions at three hospitals were caused by a Lockbit ransomware attack.
The attack occurred on Saturday in the early morning of December 24, 2023. It severely impacted the systems that support the operations of three hospitals in Bielefeld, Rheda-Wiedenbrück, and Herford, Germany.
"Unknown actors have gained access to the systems of the IT infrastructure of the hospitals and have encrypted data," reads the machine-translated announcement from the hospital.
"A first test showed that it is probably a cyberattack by Lockbit 3.0, the resolution time of which is currently unforeseeable."
"For security reasons, all systems were shut down immediately upon discovery, and all necessary parties and institutions were informed."
At this time, investigations are underway, and the extent of the damage and if the attackers stole data haven't been determined yet.
The following three hospitals, which KHO operates, have been impacted by the cyberattack:
Franziskus Hospital Bielefeld – 614 beds, ten specialist departments, 390 doctors and staff
Sankt Vinzenz Hospital Rheda-Wiedenbrück – 614 beds, five specialist departments, 200 doctors and staff
Mathilden Hospital Herford – 614 beds, eight specialist departments, 230 doctors and staff
The above hospitals play a critical role in providing healthcare services in their respective locations, so a cyberattack impacting their IT systems could have dire repercussions for people in medical emergencies.
KHO's announcement clarifies that patient treatment continues as normal in the impacted hospitals, and all clinic operations remain available, albeit with some technical restrictions. Essential patient information remains accessible through the successful restoration of backups.
However, emergency care is unavailable in the three KHO hospitals, so people urgently needing medical care are diverted elsewhere, possibly resulting in critical delays.
At the time of writing, the Lockbit ransomware gang hasn't added KHO to its extortion portal on the dark web, so whether or not the cybercriminals stole patient data or other sensitive information hasn't been determined yet.
|
|
|
Post by Old Techo on Jan 11, 2024 16:44:54 GMT 10
|
|