Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > Cryptolocker source released - fucking files like its 2013
 
  • Locked thread
Paul MaudDib
May 3, 2006

TEAM NVIDIA:
FORUM POLICE

Philthy posted:

gently caress this thing. We had about 10 businesses in the past week or so get this. The variants are getting past everything. Hooray for good backups, but this poo poo seriously SUCKS. I can see in a year most businesses will simply not be on the internet if they want to function.

If viruses were going to drive businesses to air-gap it already would have happened. There's pretty substantial benefits to being online, so in the end businesses will suck it up and pay for a decent backup solution. If you have backups, it's only slightly more annoying than any other virus.

And really airgapping isn't a total solution either, it just makes it a little more difficult to spread. Before internet connectivity, floppy disks were a major vector. USB sticks are pretty loving insecure, if airgaps became common then viruses would spread by that. And you bet your rear end an airgapped business is going to be plugging in USB sticks like there's no tomorrow.

Hypothetical "airgap variant" - spreads via USB stick, with a (say) 2-week trigger latency or a fixed trigger time to help it spread. Rather than sending the decryption key back to a C&C server and deleting it from the victim's PC, it encrypts the decryption key (with the hacker's public key) and leaves an encrypted copy on the victim's machine. You have to send the encrypted decryption key back to the hacker along with your ransom, and he uses his private key to decrypt it for you.

Paul MaudDib fucked around with this message at 02:54 on Nov 16, 2014

* # ¿ Nov 16, 2014 01:05
  • Quote
Adbot
ADBOT LOVES YOU

# ¿ Apr 19, 2024 05:34
  • Quote
Paul MaudDib
May 3, 2006

TEAM NVIDIA:
FORUM POLICE

Philthy posted:

Businesses are not going to be able to afford a few grand every other week to restore data, and to get their practice software back to running shape and to go through the past days transactions all over again. The latest variants are not just encrypting Office files. They're getting nearly everything.

Nothing about these are "slightly more annoying".

If you are getting hit with a couple grand worth of infections "every other weak" and you aren't investing a paltry sum into a backup system, you deserve to be run out of business for Not Being Able To Take A Hint.

Losing internet access is going to impair you much more than the cost of a backup system. If you are losing $3,000 every two weeks - you can buy an awful lot of backup system for $78,000 a year.

Paul MaudDib fucked around with this message at 21:54 on Nov 16, 2014

* # ¿ Nov 16, 2014 21:46
  • Quote
  • Locked thread
The Something Awful Forums > Discussion > Serious Hardware/Software Crap > Cryptolocker source released - fucking files like its 2013