nanog mailing list archives
Re: Can somebody explain these ransomwear attacks?
From: Karl Auer <kauer () biplane com au>
Date: Sat, 26 Jun 2021 01:39:18 +1000
On Fri, 2021-06-25 at 10:05 -0400, Tom Beecher wrote:
Everything can be broken, and nothing will ever be 100% secure. If you strive to make sure the cost to break in is massively larger than the value of what could be extracted, you'll generally be ahead of the game.
Easy to say. IMHO the only workable long-term defence is heterogeneity - supported by distribution, redundancy and just taking the simple things seriously. Business has spent the last few decades discarding heterogeneity and the bigger they are, the more comprehensively they have discarded it. Companies that are floor to ceiling and wall to wall Windows. Centralised updates, centralised networking, centralised storage, centralised ops teams, and (typically) a culture of sharing. A relentless prioritising of convenience over security. For goodness sake, even the NSA had the attitude that "if you are this side of the drawbridge you must be OK"! We need to start building systems that are not seamless, that are not highly interchangeable, that are not fully interconnected, and we have to include our human systems in that approach. Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer () biplane com au) http://www.biplane.com.au/kauer
Current thread:
- Can somebody explain these ransomwear attacks? Michael Thomas (Jun 24)
- Re: Can somebody explain these ransomwear attacks? JoeSox (Jun 24)
- Re: Can somebody explain these ransomwear attacks? Michael Thomas (Jun 24)
- Re: Can somebody explain these ransomwear attacks? Shane Ronan (Jun 24)
- Re: Can somebody explain these ransomwear attacks? Brandon Svec via NANOG (Jun 24)
- Re: Can somebody explain these ransomwear attacks? Jim (Jun 25)
- RE: Can somebody explain these ransomwear attacks? Jean St-Laurent via NANOG (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Tom Beecher (Jun 25)
- RE: Can somebody explain these ransomwear attacks? Jean St-Laurent via NANOG (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Anne P. Mitchell, Esq. (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Karl Auer (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Michael Thomas (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Karl Auer (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Michael Thomas (Jun 24)
- Re: Can somebody explain these ransomwear attacks? JoeSox (Jun 24)
- Re: Can somebody explain these ransomwear attacks? Aaron C. de Bruyn via NANOG (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Tom Beecher (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Aaron C. de Bruyn via NANOG (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Baldur Norddahl (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Michael Thomas (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Michael Thomas (Jun 24)
- RE: Can somebody explain these ransomwear attacks? Jean St-Laurent via NANOG (Jun 25)
- Re: Can somebody explain these ransomwear attacks? Don Gould (Jun 25)