Quote:
Originally Posted by asphaltgambler
I find it hard to believe that they paid actual ransom money to have that resolved. Wouldn't you go to a previous day 'tape' backup of the network, or have someone outside find the trojan and eliminate it?
|
A good hacker/malware goes after the backups as well. As someone that does security as part of my job people would be shocked at how much is going on all day, everyday. Your Internet is constantly being probed, I could go on for days on this, really coordinated groups/Govs do their research on your website, social media, etc. I see company websites that show the type of control systems a company uses and sure enough they are constantly scanned for those control system ports on all their public IP’s.
Of course it’s so much easier just to drop something via a phish email, or just social engineer a company:
https://youtu.be/lc7scxvKQOo