| 
	
	
		
	
	
	
		|  11-07-2013, 04:37 PM | #21 |  
	| Franchise Player 
				 
				Join Date: Nov 2006 Location: Supporting Urban Sprawl      | 
 
			
			Kind of a related note, but if I was running IT in a lawyers office without a working backup to recover from Cryptolocker (or any other of the dozens of things that can happen to data), I would expect to be looking to a job really quickly.
 That's completely irresponsible.
 
				__________________"Wake up, Luigi! The only time plumbers sleep on the job is when we're working by the hour."
 |  
	|   |   |  
	
		
			| The Following 7 Users Say Thank You to Rathji For This Useful Post: |  |  
	
		
	
	
	
		|  11-07-2013, 04:40 PM | #22 |  
	| First Line Centre 
				 
				Join Date: Jan 2008 Location: Okotoks      | 
 
			
			I agree. It doesnt matter how big or small that firm is, any type of sequential backup should be mandatory.
		 |  
	|   |   |  
	
		
	
	
	
		|  11-07-2013, 05:10 PM | #23 |  
	| The new goggles also do nothing. 
				 
				Join Date: Oct 2001 Location: Calgary      | 
 
			
			
	Quote: 
	
		| 
					Originally Posted by Rathji  Kind of a related note, but if I was running IT in a lawyers office without a working backup to recover from Cryptolocker (or any other of the dozens of things that can happen to data), I would expect to be looking to a job really quickly.
 That's completely irresponsible.
 |  
But, but, IT is an expense that doesn't add to the bottom line of the company!
		 
				__________________Uncertainty is an uncomfortable position.
 But certainty is an absurd one.
 |  
	|   |   |  
	
		
			| The Following 5 Users Say Thank You to photon For This Useful Post: |  |  
	
		
	
	
	
		|  11-08-2013, 07:16 AM | #24 |  
	| Franchise Player 
				 
				Join Date: Nov 2006 Location: Supporting Urban Sprawl      | 
 
			
			
	Quote: 
	
		| 
					Originally Posted by photon  But, but, IT is an expense that doesn't add to the bottom line of the company! |  
Every business owner is entitled to their potentially company destroying budget decisions.
		 
				__________________"Wake up, Luigi! The only time plumbers sleep on the job is when we're working by the hour."
 |  
	|   |   |  
	
		
			| The Following 2 Users Say Thank You to Rathji For This Useful Post: |  |  
	
		
	
	
	
		|  11-08-2013, 09:02 AM | #25 |  
	| #1 Goaltender | 
 
			
			the fact that more than one person here has already been ransomed freaks me out a little. is this thing able to slip by your standard run of the mill antivirus software? or were the infections mentioned here cases where there was none or outdated AV?
		 |  
	|   |   |  
	
		
	
	
	
		|  11-08-2013, 10:13 AM | #26 |  
	| Franchise Player 
				 
				Join Date: Nov 2006 Location: Supporting Urban Sprawl      | 
 
			
			
	Quote: 
	
		| 
					Originally Posted by Inglewood Jack  the fact that more than one person here has already been ransomed freaks me out a little. is this thing able to slip by your standard run of the mill antivirus software? or were the infections mentioned here cases where there was none or outdated AV? |  
It really doesn't make much difference. The virus is in active development, and as a result will be adjusting to defense or removal methods. For example, early versions allowed for you to restore from previous versions, but the new versions don't. 
 
You can't rely on AV to protect you from this. You need a cold backup.
		 
				__________________"Wake up, Luigi! The only time plumbers sleep on the job is when we're working by the hour."
 |  
	|   |   |  
	
		
			| The Following User Says Thank You to Rathji For This Useful Post: |  |  
	
		
	
	
	
		|  11-08-2013, 10:28 AM | #27 |  
	| First Line Centre | 
 
			
			
	Quote: 
	
		| 
					Originally Posted by Rathji  Kind of a related note, but if I was running IT in a lawyers office without a working backup to recover from Cryptolocker (or any other of the dozens of things that can happen to data), I would expect to be looking to a job really quickly.
 That's completely irresponsible.
 |  
They were using a cloud backup service.  It got to it.
		 
				__________________ 
				"Cammy just threw them in my locker & told me to hold on to them." - Giordano on the pencils from Iggy's stall.    |  
	|   |   |  
	
		
	
	
	
		|  11-08-2013, 10:31 AM | #28 |  
	| #1 Goaltender 
				 
				Join Date: Sep 2003 Location: Calgary      | 
 
			
			Is this an executable type virus or does come the pdf's and other type of files?
		 |  
	|   |   |  
	
		
	
	
	
		|  11-08-2013, 11:31 AM | #29 |  
	| First Line Centre | 
 
			
			
	Quote: 
	
		| 
					Originally Posted by MolsonInBothHands  They were using a cloud backup service.  It got to it. |  
Even if they had a static back up the evil genius thing here is that it's going to be cheaper for the company to just pay the ransom, rather than restore from back-up.
		 |  
	|   |   |  
	
		
	
	
	
		|  11-08-2013, 11:45 AM | #30 |  
	| Powerplay Quarterback | 
 
			
			
	Quote: 
	
		| 
					Originally Posted by Ace  Even if they had a static back up the evil genius thing here is that it's going to be cheaper for the company to just pay the ransom, rather than restore from back-up. |  
Exactly.
 
For most companies, $300 is a drop in the bucket, especially compared to 2 or 3 days worth of hours for the entire IT team to restore from a backup, and then make sure that everything is up and running properly.
		 |  
	|   |   |  
	
		
	
	
	
		|  11-08-2013, 04:36 PM | #31 |  
	| Franchise Player 
				 
				Join Date: Nov 2006 Location: Supporting Urban Sprawl      | 
 
			
			Turns out the new version has an extended pay period in case you didn't make the 3 day cutoff. 
 Its a bit more expensive, at 10 bitcoins... which is over $3000 by today's pricing.
 
 As for the company in question: The online backup had no versioning or iterative backup? Ouch.
 
				__________________"Wake up, Luigi! The only time plumbers sleep on the job is when we're working by the hour."
 |  
	|   |   |  
	
		
	
	
	
		|  11-08-2013, 05:44 PM | #32 |  
	| Ate 100 Treadmills | 
 
			
			
	Quote: 
	
		| 
					Originally Posted by Mccree  Is this an executable type virus or does come the pdf's and other type of files? |  
I most definitely did not run an exe file.  It came on another file and my guess was triggered by my AV when it went to delete it.
		 |  
	|   |   |  
	
		
			| The Following User Says Thank You to blankall For This Useful Post: |  |  
	
		
	
	
	
		|  02-12-2015, 12:29 AM | #33 |  
	| Ate 100 Treadmills | 
 
			
			A heads up. There is a cure for this now:https://www.decryptcryptolocker.com/ 
Managed to get all of my files back! About a year later..but woohoo!
		 |  
	|   |   |  
	
		
			| The Following 5 Users Say Thank You to blankall For This Useful Post: |  |  
	
		
	
	
	
	
	| Thread Tools | Search this Thread |  
	|  |  |  
	| 
	|  Posting Rules |  
	| 
		
		You may not post new threads You may not post replies You may not post attachments You may not edit your posts 
 HTML code is Off 
 |  |  |  All times are GMT -6. The time now is 06:06 PM. | 
 
 
 |