doh Law Firm Loses All Files to CryptoLocker Ransomware

[timster]

How quickly does this thing work? Surely it would take hours to encrypt thousands of files. Some kind of file monitoring app would be useful in alerting you to any suspicious activity.

 

 

I work for a medium-sized law firm. I'd better convince the powers that be at my office to invest in yet another backup harddisk that I can disconnect after a weekly backup and put in the safe.

use this article in your bid to convince them!

[Ryoken]

How do people get infected with this?

By lacking in common sense.

 

And yes, Offsite backups are a must.. or if you are too cheap for that, at least backups not connected to the server all the time.

 

Ideally there should be a backup made offsite daily.. or if not, make one to a removable/USB drive, lock it away, then repeat with a new one each day for a week or two. That way they are all separate, and if you get infected you have extra time.

 

Also works if you take a backup a week and keep a months worth.. then cycle them.. that's what the school boards I've worked with do.. but given a Lawfirm, I'd do daily, or atleast every other day.

[froggyliver]

lol

that's why there's backup and disaster recovery plans, not sloppy things like that. And i know, i've seen too much of "cheap" backup solutions gone out of the window when there's a real need for a restore: a backup is only good as the restore; because of that i do monthly restores in my clients to ensure that the backup worked as expected, the data is integrate and valid and to validate it before any major change in the servers, like updates, new software installed and so on.

 Totally agree and glad to see someone else with this sense. Its so bad the type of "backups" I see out there geez!!! It doesn't have to be that expensive either! And test like you said.

[Shiranui]

Anyone using this?

 

http://www.foolishit.com/vb6-projects/cryptoprevent/

 

Might be an added layer of security for those less savvy employees who can't resist clicking on .pdf.exe attachments from unknown sources.

[Luc2k]

By lacking in common sense.

Not the answer I was looking for. According to the wiki, the most common methods are through email attachments and, more recently, keygens.

[duoi Veteran]

how much time did they spend investigating it? if i was I.T in that firm, i would have told the boss to hand over his credit card. it'd cost less to pay up than the time it took to try to crack it.

[Hum]

It's nice to see lawyers getting screwed for a change!

Yeah but the clients are also hurt as well.