mroth911 last edited by
Hey FYI one of my clients got attacked September 17th at 9am. All their files were encrypted and renamed with the file extension [email protected]_com, including links were changed shortcuts registry was changed and shortcuts no longer worked. Just giving everyone out here a heads up. This one is not only encrypting files but taking the computer with it
DustinB3403 last edited by
Hopefully the client has backups that can be used to recover.
scottalanmiller last edited by
I think most take the computer with it if allowed to run long enough.
dbeato last edited by
Pete.S last edited by Pete.S
Ransomware is not fun.
NotPetya damages were in the 10 billion range. One enterprise I work for at times was down for weeks. Having backup is not enough - you need to be able to access your backup too. When everything is down you don't have any computers to access anything with. Sure you can reinstall but where are your image files? When you do have computers you have no DHCP, no DNS, no AD etc. You have no internet access, no email, no phones. Yeah, backup is not enough. You need an elaborate emergency plan.