Author Topic: Cryptolocker  (Read 30157 times)

0 Members and 1 Guest are viewing this topic.

Offline Mallory Black

  • Hard Floor Camper User
  • *****
  • Posts: 999
  • Thanked: 5 times
  • Gender: Male
Re: Cryptolocker
« Reply #25 on: September 15, 2014, 08:46:47 PM »
interesting to see this post update.
My workplace just got hit by this bloody thing this morning. had to reload everything back to Friday night
1998 3.4V6 Prado & homebuilt rear fold soft floor

Offline Homer_Jay

  • Soft Floor Camper User
  • ****
  • Posts: 464
  • Thanked: 13 times
  • Gender: Male
Re: Cryptolocker
« Reply #26 on: September 16, 2014, 02:20:00 PM »
Got this one today.

One person opened email from 'Australia Post' and it infected all files on her computer plus all files shared on the cloud, hence affecting all of us!
Been working all day to get things back up and running.


Watch out for this one!



Landcruiser 76 wagon V8 T/D

Supreme Getaway pop top 12 ft

Offline Bird

  • Once Was Lost, now am found
  • Hard Top Camper User
  • ******
  • Posts: I am a geek!!
  • Thanked: 1874 times
  • Gender: Male
  • Life is far too long....
    • My Place.
Re: Cryptolocker
« Reply #27 on: September 16, 2014, 03:07:47 PM »
Quote from: Homer_Jay
Got this one today.

One person opened email from 'Australia Post' and it infected all files on her computer plus all files shared on the cloud, hence affecting all of us!
Been working all day to get things back up and running.

Watch out for this one!
Exact same email she got ... the link when you hovered over it was actually hosted on a site in Turkey... they probably didn't even know it was there.
-
Click to enlarge

Gone to a new home

Offline Ratbag

  • Soft Floor Camper User
  • ****
  • Posts: 486
  • Thanked: 13 times
Re: Cryptolocker
« Reply #28 on: September 16, 2014, 03:50:12 PM »
Something that's worth keeping in mind, although I haven't seen one programmed this way for quite a number of years now, is that in some of these emails, the whole page is "live", not just the "link".

i.e. clicking anywhere on the entire message space in the email will take you to the toxic address.

You can tell if this is the case when the email is open by the fact that the cursor is always the "link finger" even when not hovering over the purported link.

Just FWIW.

Offline Mallory Black

  • Hard Floor Camper User
  • *****
  • Posts: 999
  • Thanked: 5 times
  • Gender: Male
Re: Cryptolocker
« Reply #29 on: September 16, 2014, 06:17:40 PM »
Homer J we must be work colleagues and not know it  LOL!!!
1998 3.4V6 Prado & homebuilt rear fold soft floor

Offline Bird

  • Once Was Lost, now am found
  • Hard Top Camper User
  • ******
  • Posts: I am a geek!!
  • Thanked: 1874 times
  • Gender: Male
  • Life is far too long....
    • My Place.
Re: Cryptolocker
« Reply #30 on: September 16, 2014, 06:22:30 PM »
Homer J we must be work colleagues and not know it  LOL!!!
how did you go with it???
-
Click to enlarge

Gone to a new home

Offline austastar

  • Hard Top Camper User
  • ******
  • Posts: 4171
  • Thanked: 334 times
  • Gender: Male
Re: Cryptolocker
« Reply #31 on: September 16, 2014, 06:43:07 PM »
ITS have been working on restorations for 10 days now.


Hi,
   I thought with the ITS's experience they would have been able to restore quickly. They have nightly incremental; weekly, and monthly full backups.
I'm so glad not to be involved any more, the fun factor ran out quite some time ago.


cheers

Offline Mallory Black

  • Hard Floor Camper User
  • *****
  • Posts: 999
  • Thanked: 5 times
  • Gender: Male
Re: Cryptolocker
« Reply #32 on: September 16, 2014, 07:09:53 PM »
Homer J we discovered it within minutes of the first infection but our IT still re-built everything and we only lost the day.
Champions!
1998 3.4V6 Prado & homebuilt rear fold soft floor

Offline bodgie

  • Tent User
  • ***
  • Posts: 127
  • Thanked: 1 times
Re: Cryptolocker
« Reply #33 on: September 16, 2014, 07:24:18 PM »

Just don't open attachments to emails if one is even the tiniest bit suspicious of it. I have even managed to train my SWMBO about this!

This is very good advice to everyone. A good way to think about it is if it sounds to good to be true it usually is.

BTW, I don't trust Cloud backup at all. Many reasons. First one is: Can you guarantee that the provider will be in business tomorrow? Quite a few more caveats after that major hurdle ...

I would never solely rely on cloud backup, it is part of an overall backup strategy.

Ratbag you go to a lot of trouble to protect and validate your backup, this is something few people go to the trouble of doing. Even if you are using DVDs or hard disks there is no guarantee that when push comes to shove and you need it, that it will be there  for you.

A combo of two backup methods helps reduce you risk IMHO.

Jason

Offline Ratbag

  • Soft Floor Camper User
  • ****
  • Posts: 486
  • Thanked: 13 times
Re: Cryptolocker
« Reply #34 on: September 16, 2014, 09:22:39 PM »
Gidday Jason

This is very good advice to everyone. A good way to think about it is if it sounds to good to be true it usually is.

Quite. And thank you.

Quote
I would never solely rely on cloud backup, it is part of an overall backup strategy.

Actually, I would never rely on it at all .... ;) . There are about another hundred caveats that follow on after that insurmountable hurdle mentioned upthread ...
Quote

Ratbag you go to a lot of trouble to protect and validate your backup, this is something few people go to the trouble of doing. Even if you are using DVDs or hard disks there is no guarantee that when push comes to shove and you need it, that it will be there  for you.

Ah well. Experience is a great teacher if it doesn't destroy you ... ;) . By having multiple, parallel backups on different classes of media, with some being off-site, the chance of never being able to recover a specific file is exponentially reduced

Quote
A combo of two backup methods helps reduce you risk IMHO.

Jason

Exactly why I use the strategy I do :) .

Cloud backup adds complexity; gives one a false sense of security while being screwed; and adds precisely nothing except increased risk. The latter is not unlike ? [Beta] risk analysis of an investment portfolio in accounting ... The risk can be reduced, but only if one actually does the risk analysis in the first place ... :( . This is not done by most for the same reason they cannot be bothered doing backup properly in the first place.
« Last Edit: September 17, 2014, 10:02:29 AM by Ratbag »

Offline Homer_Jay

  • Soft Floor Camper User
  • ****
  • Posts: 464
  • Thanked: 13 times
  • Gender: Male
Re: Cryptolocker
« Reply #35 on: September 17, 2014, 05:56:01 AM »
Homer J we discovered it within minutes of the first infection but our IT still re-built everything and we only lost the day.
Champions!

Yeah thankfully we discovered it straight away. Was finalised late yesterday by the IT guys, so back to normal today. The lost time costs a lot of money. If only they could catch these scum that release this stuff!
Glad you got your sorted too  :cheers:


Landcruiser 76 wagon V8 T/D

Supreme Getaway pop top 12 ft

Offline D4D

  • Hard Top Camper User
  • ******
  • Posts: 16019
  • Thanked: 391 times
  • Are we there yet?
Re: Cryptolocker
« Reply #36 on: September 17, 2014, 06:57:28 AM »
Cloud backup adds complexity; gives one a false sense of security while being screwed; and adds precisely nothing except increased risk.

Please enlighten us with your 'risk analysis'...
I owe, I owe, it’s off to work I go…

Work - Outback
Play - Prado

Offline Bird

  • Once Was Lost, now am found
  • Hard Top Camper User
  • ******
  • Posts: I am a geek!!
  • Thanked: 1874 times
  • Gender: Male
  • Life is far too long....
    • My Place.
Re: Cryptolocker
« Reply #37 on: September 17, 2014, 10:03:13 AM »
Quote from: D4D
Please enlighten us with your 'risk analysis'...
LOL.. AGREE!!

without our cloud backup the time to call back the tapes, restore from tape etc would have cost us a weekend + $$ to recall the tapes

as it was from the cloud which we have setup very well took hours not days....
-
Click to enlarge

Gone to a new home

Offline Ratbag

  • Soft Floor Camper User
  • ****
  • Posts: 486
  • Thanked: 13 times
Re: Cryptolocker
« Reply #38 on: September 17, 2014, 10:12:31 AM »
Gidday D4D


Please enlighten us with your 'risk analysis'...

Do the single quotes around risk analysis indicate that you consider this to be a rhetorical question, or do you genuinely want me to quantify what I see as some of the serious risks with reliance on cloud backup?

TIA for any clarification that you care to give ...

Ditto, Bird.

My own backup requirements are a minimum of about a Terabyte of critical data. At 2.5 Mbps, this would take longer than I have to back up - about 40 days, and that data is changing fairly frequently. The changes often consist of changes to many 20-30 MB files ...
 

Offline D4D

  • Hard Top Camper User
  • ******
  • Posts: 16019
  • Thanked: 391 times
  • Are we there yet?
Re: Cryptolocker
« Reply #39 on: September 17, 2014, 10:24:36 AM »
...or do you genuinely want me to quantify what I see as some of the serious risks with reliance on cloud backup?

Yes
I owe, I owe, it’s off to work I go…

Work - Outback
Play - Prado

Offline Ratbag

  • Soft Floor Camper User
  • ****
  • Posts: 486
  • Thanked: 13 times
Re: Cryptolocker
« Reply #40 on: September 17, 2014, 10:35:22 AM »
Yes

OK.

Some questions first.

Do you (or an associated entity, employer, etc) currently use cloud backup?

If so, what investigations did you (or the associated entity) make into the whole process prior to committing to it?

What provision/s have you (etc) made in the event that the Internet is not available? For a day? For a week? For a month?

Offline D4D

  • Hard Top Camper User
  • ******
  • Posts: 16019
  • Thanked: 391 times
  • Are we there yet?
Re: Cryptolocker
« Reply #41 on: September 17, 2014, 10:49:09 AM »
Some questions first.

I think I asked you the question first...

Do you (or an associated entity, employer, etc) currently use cloud backup? yes

If so, what investigations did you (or the associated entity) make into the whole process prior to committing to it? business risk analysis

What provision/s have you (etc) made in the event that the Internet is not available? For a day? For a week? For a month? highly available links
« Last Edit: September 17, 2014, 10:51:33 AM by D4D »
I owe, I owe, it’s off to work I go…

Work - Outback
Play - Prado

Offline Homer_Jay

  • Soft Floor Camper User
  • ****
  • Posts: 464
  • Thanked: 13 times
  • Gender: Male
Re: Cryptolocker
« Reply #42 on: September 17, 2014, 10:54:23 AM »
LOL.. AGREE!!

without our cloud backup the time to call back the tapes, restore from tape etc would have cost us a weekend + $$ to recall the tapes

as it was from the cloud which we have setup very well took hours not days....

Yeah our IT guys said the same thing, with the cloud stuff we were actually back up and running quicker than we would have been with the old server system.
Oh, and the cloud stuff has made such a difference to the way we do things, as our staff are mobile and on the road or working at home. Whilst we could still access the server from anywhere with the old system, this is just so seamless. 

Its amazing to think how technology has changed the way we do things from only 5 to 10 years ago. Its only the a$$#*%@ of the world that stuff things up for the rest of us!


Landcruiser 76 wagon V8 T/D

Supreme Getaway pop top 12 ft

Offline Ratbag

  • Soft Floor Camper User
  • ****
  • Posts: 486
  • Thanked: 13 times
Re: Cryptolocker
« Reply #43 on: September 17, 2014, 11:24:59 AM »
I think I asked you the question first...

Do you (or an associated entity, employer, etc) currently use cloud backup? yes

If so, what investigations did you (or the associated entity) make into the whole process prior to committing to it? business risk analysis

What provision/s have you (etc) made in the event that the Internet is not available? For a day? For a week? For a month? highly available links

So your question was rhetorical then.

FYI I had a client who had a "highly available link". Had never been out for more than a few seconds in 10 years. Just before they went over to an integrated system employing cloud storage and backup, that "highly available link" was off the air for about a month ... Fortunately we had a workable fallback position for the interim.

I sincerely hope it all works well for you.

Offline Goose

  • Soft Floor Camper User
  • ****
  • Posts: 469
  • Thanked: 21 times
  • Gender: Male
  • Life turns on a dime.
Re: Cryptolocker
« Reply #44 on: September 17, 2014, 11:46:59 AM »
You just need a bigger pipe. If you had a direct 1 Gbps link to your cloud provider, then assuming you could sustain a disk-to-disk copy of around 800Mbps throughput your 1TB backup would be finished under 3 hours. Admittedly such links aren't within the reach of small business, but they do exist and many Australian corporate use them on a day-to-day basis.

Offline D4D

  • Hard Top Camper User
  • ******
  • Posts: 16019
  • Thanked: 391 times
  • Are we there yet?
Re: Cryptolocker
« Reply #45 on: September 17, 2014, 12:04:33 PM »
So your question was rhetorical then.

No it wasn't and you have failed to provide an answer.
I owe, I owe, it’s off to work I go…

Work - Outback
Play - Prado

Offline Ratbag

  • Soft Floor Camper User
  • ****
  • Posts: 486
  • Thanked: 13 times
Re: Cryptolocker
« Reply #46 on: September 17, 2014, 12:08:33 PM »
^ Gidday Goose

Yeah, my web site host provider has this kind of connection. When I worked for the Telco back in the day, we used to provide 572 Mbps X.25 pads for a fee ...

My own network is Gbps. My upload connection to the Internet is artificially throttled to said 2.5 Mbps by the ISP. Measured download speed is 113 Mbps (HFC connection).

As Homer Jay said, the technology is changing at a huge rate. I have been a practitioner in this field since before there was a degree offered in computing science, and since well before the term "IT" was coined in the late 1980s-early 1990s.

Offline Ratbag

  • Soft Floor Camper User
  • ****
  • Posts: 486
  • Thanked: 13 times
Re: Cryptolocker
« Reply #47 on: September 17, 2014, 12:12:54 PM »
 
No it wasn't and you have failed to provide an answer.

Your apparent line of questioning would tend to indicate otherwise to me ...   

Offline D4D

  • Hard Top Camper User
  • ******
  • Posts: 16019
  • Thanked: 391 times
  • Are we there yet?
Re: Cryptolocker
« Reply #48 on: September 17, 2014, 12:15:48 PM »

Your apparent line of questioning would tend to indicate otherwise to me ...   


I owe, I owe, it’s off to work I go…

Work - Outback
Play - Prado

Offline Ratbag

  • Soft Floor Camper User
  • ****
  • Posts: 486
  • Thanked: 13 times
Re: Cryptolocker
« Reply #49 on: September 17, 2014, 12:26:46 PM »



I always try to be as helpful as possible to those who are genuinely seeking help; and if I am able to do so in any way.

Do you always go looking for a fight?

That line from "The Castle" springs to mind - "Take your hand off it, Daryl", or words to that effect.