RE: Internet Security Day

From: Hansley Chadee <hjc_at_innodisgroup.com>
Date: Tue, 9 Feb 2016 17:06:56 +0000

Hello,
Cryptolocker is very serious, especially if it encrypts network drives (!).

The case(s) I know of here, the local admin preferred to pay the ransom in bitcoins. There was no other way.

In another context, we were able to exploit a weakness in the program when encrypting and then deleting the right file.

A block recovery was possible on the offline version of the affected disk.

In yet another case, they managed to recover the file via the Windows shadow volume copy.

But, you have to understand the CCID, if it is impossible to get the keys back and finding these criminals and prosecuting them is, well, extremely challenging.

So, as good practice, I would advise you to have a proper business continuity plan with regular verified cloud backup....


Thanks and regards

hans


From: mauritius-internet-users-bounce_at_lists.elandnews.com [mailto:mauritius-internet-users-bounce_at_lists.elandnews.com] On Behalf Of Shelly Hermia Bhujun
Sent: Tuesday, February 09, 2016 8:40 PM
To: mauritius-internet-users_at_lists.elandnews.com
Subject: RE: Internet Security Day

Hello all,

@Nirvan It was great to hear your opinion regarding the 'Safer Internet Day'.
http://podcasts.defimedia.info/podcast/09-02-16-duel/

@SM Thank you for representing the Mauritius Internet Users SM.
http://www.lexpress.mu/article/275524/safer-internet-day-protegez-vous

I have never heard of or come across the word Ransomware (Ramsomware - I think there is a typo in the article).
It is interesting to know about the dangers of the Internet as a daily Internet user. I was reading articles and blog posts about Ransomware and Cryptolocker and I found the following:
https://blog.malwarebytes.org/intelligence/2013/10/cryptolocker-ransomware-what-you-need-to-know/
http://blog.varonis.com/detect-clean-cryptolocker-infections/

So what if I come across this kind of problem? Do I contact the CCID? Because from what I read in the article, they don't seem to solve the issue but make fun of it. :)

Kind regards,
Shelly
Received on Tue Feb 09 2016 - 17:08:00 PST
