> It should be a moral decision to *never* pay any ransom, no matter what the
> cost to the business. Of course that will never fly in reality.

All the InfoSec consultants talk a great game with "never pay" but the dirty little secret is that many or most do. In many cases it is not just the organization's data, it is the customers' lives. If you were a bank it would be great to say "we will never pay" but meanwhile how do your customers get their grocery money out of your ATMs?

Charles

-----Original Message-----
From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Tom Brennan
Sent: Monday, September 7, 2020 4:32 PM
To: [email protected]
Subject: Re: Ransoming a mainframe disk farm

While I really like your new term, "ransomwared", I have to disagree with the conclusion. Of course we need to try to prevent the attack, but we also need to have some kind of backup to get things at least somewhat back to normal. And that doesn't mean a single backup method for all kinds of data.

For example, operating system changes don't happen every day, so as long as you get a system back up, it probably doesn't matter too much if all the PTF's are applied. DB2 is another story if you want something reasonably up-to-date. Hmm... maybe make a deal with the hacker at half price and only get the DB2 datasets back. Just kidding of course.

It should be a moral decision to *never* pay any ransom, no matter what the cost to the business. Of course that will never fly in reality.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
