Can somebody explain these ransomwear attacks?
Michael Thomas
mike at mtcc.com
Thu Jun 24 22:48:43 UTC 2021
On 6/24/21 3:08 PM, Shane Ronan wrote:
> A lot of the payments for Ransomware come from Insurance Companies
> under "Business Interruption Insurance". It in fact may be more cost
> effective to pay the ransom, than to pay for continued business
> interruption.
>
> Of course along with paying the ransom, a full forensic audit of the
> systems/network is conducted. The vector for many of these attacks is
> via a worm triggered by someone opening an attachment on an email or
> downloading compromised software from the Internet. Short of not
> allowing email attachments or blocking Internet access, the best
> method is to properly train users to not click on attachments or visit
> "untrusted" sites, but nothing is perfect.
>
>
I wonder if this is preying off the firewall
hard-on-the-outside-soft-on-the-inside? At this point I'm not sure how
you can justify that because so many people are using their own
equipment. It's not just the operational side of the business they can
target, after all.
Mike
More information about the NANOG
mailing list