CryptoWall is back...
-
Spinning off of my other thread, I wanted to know what people are doing in light of the return of CryptoWall...
How are you educating your clients?
What advice are you giving them?
What do you do if a client becomes a victim of CryptoWall?
In what scenario, if any, would you advise a client to just pay the ransom? -
@GlennBarley said:
How are you educating your clients?
What advice are you giving them?
What do you do if a client becomes a victim of CryptoWall?
In what scenario, if any, would you advise a client to just pay the ransom?I'm only half serious about my answers here... depends on the user and how many times they have been warned...
- Don't click attachments in email.
- Don't click attachments in email! Have good backups!
- Restore from most recent backups.
- None.
-
Similar to Dafyre, but if they don't have backups - pay the ransom.
Also, if restore time is is greater than the cost of the ransom + recovery time for decrypting, then pay the ransom.
-
@Dashrender While having your data is important... Paying such ransom simply paints a target on your (business's) back that says "Hey go after these folks, they'll pay!"
-
@dafyre said:
@Dashrender While having your data is important... Paying such ransom simply paints a target on your (business's) back that says "Hey go after these folks, they'll pay!"
Yeah I get that. I think if we got hit by it... I'll probably look at removing email for non essential personal (external email). 90% of my users don't require it. The few who do can be trained to be much more weary.
-
One of my remote users got hit by Cryptowall a few weeks ago. And the email he got was so obvious, I couldn't believe he fell for it. And he didn't run backups, so he lost all files. I'd rather have users learn the lesson the hard way, than to bend over and support some scumbags.
