I look at our contracted services as such a high risk endeavor. The market we serve is small, and refuses to be parented as IT professionals need to do. The businesses tend to be one step above home offices, and ownership treats their office network much the same as their home entertainment network (bulk of network usage is streaming video and audio). Ownership makes decisions to bypass security in favor of convenience and "cost savings" We have one network that wont invest in managed AV and also has us give an override for the firewall policies because it was inconvenient to their online shopping to block advertising. It started with a 1 hour override, but the owner didnt like having to key it in, so they extended it to 24 hours. Their firewall logs show it keyed in every day, and from multiple computers, indicating the business owner shares it with the staff. This is an over 1 million dollar annual revenue company, not that in todays marketplace thats all that big, but its a prime target for malicious actors. Our contract absolves us of much of the liability for their poor choices. Most of our customers are like this. They dont realize the risk, no matter how many times we all but beg them to take security more seriously. I really dont know how they havent been severely impacted. A couple of them have had workstations compromised, but so far non have actually had critical data taken...... its a matter of when, and not if.
Federal dollars get spent in huge sums combating "the cyber" but little is spent on education, maybe the feds deal in large enough scale with the same mentality as we do that they realize its fruitless. we buy safes to keep our paper documents secure, our guns protected, our jewelry out of thieves hands, but digitally, people just dont seem to care On Fri, Sep 30, 2016 at 12:22 PM, Mike Hammett <[email protected]> wrote: > That's all you can do. > > > > ----- > Mike Hammett > Intelligent Computing Solutions <http://www.ics-il.com/> > <https://www.facebook.com/ICSIL> > <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> > <https://www.linkedin.com/company/intelligent-computing-solutions> > <https://twitter.com/ICSIL> > Midwest Internet Exchange <http://www.midwest-ix.com/> > <https://www.facebook.com/mdwestix> > <https://www.linkedin.com/company/midwest-internet-exchange> > <https://twitter.com/mdwestix> > The Brothers WISP <http://www.thebrotherswisp.com/> > <https://www.facebook.com/thebrotherswisp> > > > <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> > ------------------------------ > *From: *"Dennis Burgess" <[email protected]> > *To: *[email protected] > *Sent: *Friday, September 30, 2016 12:20:18 PM > *Subject: *Re: [AFMUG] OT: Ransomware > > Yep, restore from backup. > > > Dennis Burgess – Network Solution Engineer – Consultant > MikroTik Certified Trainer/Consultant – MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE > > For Wireless Hardware/Routers visit www.linktechs.net > Radio Frequiency Coverages: www.towercoverage.com > Office: 314-735-0270 > E-Mail: [email protected] > > -----Original Message----- > From: Af [mailto:[email protected]] On Behalf Of Travis Johnson > Sent: Friday, September 30, 2016 12:15 AM > To: [email protected] > Subject: [AFMUG] OT: Ransomware > > Hi, > > One of our office computers was just infected with "ransomware". It has > encrypted all the files on that computer, plus many files on a server that > computer was connected to. > > Any ideas or suggestions on the best way to try and fix/remove this crap > and unencrypt all the files? > > Travis > > > -- If you only see yourself as part of the team but you don't see your team as part of yourself you have already failed as part of the team.
