Easy for you and me, but maybe hard for an accountant or a carpenter.
The previous assertion was paying the ransom is cheaper than not paying
it. My point is the victim will be paying for IT help either way.
------ Original Message ------
From: "Chris Wright" <[email protected]>
To: "[email protected]" <[email protected]>
Sent: 9/30/2016 12:24:56 PM
Subject: Re: [AFMUG] OT: Ransomware
The only reason the cryptolocker ransomware is so effective is because
they honor every transaction and unlock your data. The malware itself
is relatively easy to remove, but the encrypted files are the lasting
effect.
Chris Wright
Network Administrator
From: Af [mailto:[email protected]] On Behalf Of Adam Moffett
Sent: Friday, September 30, 2016 7:49 AM
To:[email protected]; [email protected]
Subject: Re: [AFMUG] OT: Ransomware
The ransomware is still on the computer after you pay the ransom,
right? So the only way to stop them from hitting you again when
they're hard up for cocaine money is to invest a lot in IT fixes
anyway. Same problem, except if you pay the ransom maybe you get your
data back. But paying the ransom also encourages them to keep doing it
to other people, and maybe contributes to the ongoing problem. I guess
it comes down to whether you have enough of it backed up.
------ Original Message ------
From: "That One Guy /sarcasm" <[email protected]>
To: "[email protected]" <[email protected]>
Sent: 9/30/2016 9:54:35 AM
Subject: Re: [AFMUG] OT: Ransomware
the ransoms are relatively cheap if youre not a targeted corportation,
running between 150 and 8The amount of work stoppage and time
investment alot of people put into this exceeds the ransom anyway
On Fri, Sep 30, 2016 at 8:42 AM, Ken Hohhof <[email protected]> wrote:
FireEye was providing a decrypt tool for the original Cryptolocker but
likely you are out of luck. Find a backup, pay the ransom, or kiss
your data goodbye.
From: Af [mailto:[email protected]] On Behalf Of Jason McKemie
Sent: Friday, September 30, 2016 1:26 AM
To:[email protected]
Subject: Re: [AFMUG] OT: Ransomware
Depends on the ransomware. I found a decryption tool for my mom's
computer when she managed to get it infected - depends on the
particular flavor I'm sure. I think this one had .crypt or .crypted
extensions on all the files. I did need an copy of one of the
encrypted files prior to the infection for the program to do its job
though.
On Fri, Sep 30, 2016 at 12:14 AM, Travis Johnson <[email protected]> wrote:
Hi,
One of our office computers was just infected with "ransomware". It
has encrypted all the files on that computer, plus many files on a
server that computer was connected to.
Any ideas or suggestions on the best way to try and fix/remove this
crap and unencrypt all the files?
Travis
--
If you only see yourself as part of the team but you don't see your
team as part of yourself you have already failed as part of the team.
