nanog mailing list archives
Re: Can somebody explain these ransomwear attacks?
From: Michael Thomas <mike () mtcc com>
Date: Thu, 24 Jun 2021 15:48:43 -0700
On 6/24/21 3:08 PM, Shane Ronan wrote:
A lot of the payments for Ransomware come from Insurance Companies under "Business Interruption Insurance". It in fact may be more cost effective to pay the ransom, than to pay for continued business interruption.I wonder if this is preying off the firewall hard-on-the-outside-soft-on-the-inside? At this point I'm not sure how you can justify that because so many people are using their own equipment. It's not just the operational side of the business they can target, after all.Of course along with paying the ransom, a full forensic audit of the systems/network is conducted. The vector for many of these attacks is via a worm triggered by someone opening an attachment on an email or downloading compromised software from the Internet. Short of not allowing email attachments or blocking Internet access, the best method is to properly train users to not click on attachments or visit "untrusted" sites, but nothing is perfect.
Mike
Current thread:
- RE: Can somebody explain these ransomwear attacks?, (continued)
- RE: Can somebody explain these ransomwear attacks? Jean St-Laurent via NANOG (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Anne P. Mitchell, Esq. (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Karl Auer (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Michael Thomas (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Karl Auer (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Aaron C. de Bruyn via NANOG (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Tom Beecher (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Aaron C. de Bruyn via NANOG (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Baldur Norddahl (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Michael Thomas (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Michael Thomas (Jun 24)
- RE: Can somebody explain these ransomwear attacks? Jean St-Laurent via NANOG (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Don Gould (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Michael Thomas (Jun 26)
- Re: OT: Re: Can somebody explain these ransomwear attacks? Michael Thomas (Jun 24)
- Re: OT: Re: Can somebody explain these ransomwear attacks? scott (Jun 24)
- Re: Can somebody explain these ransomwear attacks? Mike Meredith via NANOG (Jun 28)