Quote:
Originally Posted by Rathji
UofC almost all profs have local admin rights on their PC. At that point, almost no malware protection in the world will stop a dedicated attacker using a 0-day, or similar exploit . Keep in mind these are targeted attacks, not just people clicking on random links or spam email attachments.
|
Local admin rights should not lead to full access rights to all network shares. Furthermore, there are anti-ransomware measures that can detect the process of files being encrypted and cut off access. You are right that a lot of these guys have figured out they can charge a certain price point where it's cheaper in terms of time and money for a business or institution to pay versus trying to restore and fix systems the legitimate way.