Ransomware as most people imagine it is a solved problem. After a close call, my employer invested in ZFS-backed storage. Our time for recovery from accidental deletion went from "days of copying from offsite backups" to just minutes.
The only problem is when people build storage on ancient filesystems that don't support low-cost snapshots.
> as most people imagine it
Which is to say, a conventional ransom: "pay us to restore your un-backed-up files".
But if the attacker has already exfiltrated your files to machines you don't control, and the ransom is "pay or we'll publish", then you'll need more than a modern filesystem to prevent this.
We are seeing coordinated attacks where multiple systems have been compromised. It is not a simple restore from backup because they have stolen admin credentials and can repeatedly wreck the kludge of modern and legacy systems most companies deal with. For example, UMMC hospitals lost access to their Epic system, phone lines, and email.
https://www.comparitech.com/news/cybercriminals-say-they-hac...