Posted on 03/06/2017 2:11:04 PM PST by davikkm
HARRISBURG, Pa. (AP) - Pennsylvania's top state Senate Democrat said Monday that no ransom has been paid to resolve a cyberattack that shut down the caucus' network and prompted an FBI investigation. Senate Democrats' computer network, including their email system, remained inaccessible Monday, three days after the ransomware attack was discovered by technology staff who received an alert that the network had been breached. Senate Minority Leader Jay Costa, D-Allegheny, would not say what sort of ransom had been demanded, but he said none had been paid, and he and other Senate Democrats said they were not inclined to do so. "Right now we have no intention of dealing with the demand," Costa said. A ransomware attack is typically aimed at stealing sensitive information in an attempt to be paid for the data's return, often in a digital currency. For the time being, Costa said, Senate Democrats were focused on trying to restore access to the network, which contains a wide range of documents, from policy work to constituent case files.
(Excerpt) Read more at washingtontimes.com ...
No, they dragged their heels and the time expired on the offer.
They could not stop it on the suspect system and, being Democrats, they had no backup so they lost it all.
Funny how when you go to deceive others, your own deception can cause your downfall.
For a party that has virtually no concept of security or foresight, this kind of failure is inevitable.
There are two ways to recover from this kind of attack.
1: Kill the system that did the deed or is causing the damage and restore the corrupted files from some sort of backup, or
2: Catch the system when it finishes the encryption. Then pay the ransom and hope they keep their word to send the decryption signal to the workstation that opened the email or web page.
Cryptolocker is not to be played with unless you have good backups.
Keeping no backups or not testing them from time to time is a recipe for failure.
Easy to recover if they did their DR plan.
Failure to plan is planning to fail.
The 7 “P’s”
Proper
Prior
Planning
Prevents
Piss
Poor
Performance
“if this is the variant that jumps across network shares (and it almost certainly is)”
Network file shares are like any other filesystem on Windows, and so yes, ransomware nukes those too. I’ve seen a whole business wiped out that way and they didn’t have any backups.
Fortunately, I was able to recover ALL of their data (which amounted to MANY gigabytes) using the system protection/previous versions I mentioned earlier, and which also btw, is secretly present in W8 but doesn’t actually work for any files over a few thousand bytes as larger files are corrupted in the version backups, AND has been removed altogether in W10. Thus, after W7, MS has removed THE BEST facility for the average person to recover from ransomware!
Maybe they should try the password “password”.