There is also the fact that IT is seen as a cost center that needs to be minimized. Even though the upfront cost is expensive, the budget keepers and profit margin monitors don’t realize that the even higher cost of “oh, we just lost 3 days or more of productivity from everyone” is the cost of not paying up front when the IT folk ask for it.
Until that changes, and it won’t until this really hurts a big firm badly. Sadly, from what I have seen in 20 years of corporate IT support, it doesn’t change till they learn the hard way.
So much this. I’ve been at organizations where IT is forced to grant local administrator privileges to large swathes of the company, and where we couldn’t use AppLocker because it’s “too constrictive.” Of course, there are third-party solutions, but anything above $0 is an “unreasonable” cost. Oh well, hope you have good backups.
Luckily, where I work figured some things out ahead of the curve (still somewhat the hard way, just a lot earlier).
Very few people have local admin rights, basically developers and such, or the few bits of software that require it, and that is audited and approved every year. I found that I got along just fine without it when they took it away from us as server admins.
We use different accounts to do server admin work than what we use for email, etc. Heck, I have to get an exception to use a password for my day-to-day account because stupid Rational products are not smart card aware.
When I had access to the servers that have PII data (and we actually never had access to the data itself; it was all wrapped up in SQL that only the DBAs could fiddle with), there was a quarterly check on access, with me electronically checking in and registering my laptop, and a scan had to be run on it to look for PII locally; and about a year before I left general server support, a background check every 2 years.
It’s hard to believe that in 2016 people can still be so clueless about this. The Pentagon knows that cyberwarfare is a real thing, and they’re in the business of killing people. But huge chunks of our computer infrastructure are run by people who believe in the equivalent of magic beans.
Thank God I use a Mac, so I don’t have to worry about this stuff.
Was going to say that same thing. The MBAs and others at the top see the IT group as a money sink that doesn’t do anything for the company. Then something like this happens and who starts screaming about why it happened and why didn’t they have security in place?
Back up frequently and avoid Microsoft products.
It is not just on Microsoft systems. It can come in through your browser; ransomware hits phones and tablets. So far it is just a scam: they lock out your browser but don’t access your data. It is just a matter of time.
I’m inclined to label this trivial, though I may be eating that label in the future.
You forgot the king of legalized ransomware. Oracle.
Three words: Mandatory. Access. Control.
Ironically… not terribly mandatory in most systems. Unfortunately, try getting most users to learn to like it, much less use it.
ETA: On second thought… encryption isn’t locked up by MAC anyway. I guess this is why I’m not in IT.
That’s what I don’t understand. Almost all methods of paying someone significant amounts remotely are traceable. How do they not get caught by just following the money?
Simply by being in another country where we can’t prosecute them.
Speaking of “cost centers”, my department just lost its COLA this year because a non-technical executive of our IT department (yeah. The guy was the VP of finance, retired, then was hired on as the VP of IT and physical security 3 months later) made a bad decision: to push out new store kiosk software a week before a big sale. It was so rapid the software wasn’t tested. The sale was our springtime Black Friday. We had no chance to field test, find any bugs, or develop workarounds for known issues.
He gets to keep his job. We get to not have our pay match inflation.
I know. We’ve been working overtime for two months because of a lack of field testing. Then this bozo decided to completely contradict our workarounds.
He literally sent out an email blast to all our stores telling them to disregard any of the helpdesk’s fixes, and to instead call them into us, and have them documented.
So now we have several hundred tickets for the same six problems, we aren’t allowed to tell them how to fix it in the meantime (on penalty of possibly losing our jobs) and the company is still hemorrhaging money.
Sometimes I fantasize that if only we as a department could sabotage that guy’s stuff just right, he’ll end up looking like the unqualified moron he is in front of the CEO, and that’ll be the last we see of him.
Why do you have to hurt my brain like that on a Friday?
Exactly. Working helldesk, when I get sharp remarks from executives, I sooooo badly want to say “I keep your Point of Sale systems running. Do you have any idea how fast you won’t have any money if someone on my team decided to sabotage them?”
Count yourself lucky. I have to live with it.
I’ve crawled the IT trenches myself. I feel your pain.