I will tell you that when it happened to my client, the "ransom" was $1million.
It was less expensive to lose a days work. in restoring from backups. Joe On Mon, Sep 7, 2020 at 6:53 PM Charles Mills <[email protected]> wrote: > > It should be a moral decision to *never* pay any ransom, no matter what > the cost to the business. Of course that will never fly in reality. > > All the InfoSec consultants talk a great game with "never pay" but the > dirty little secret is that many or most do. In many cases it is not just > the organization's data, it is the customers' lives. If you were a bank it > would be great to say "we will never pay" but meanwhile how do your > customers get their grocery money out of your ATMs? > > Charles > > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:[email protected]] On > Behalf Of Tom Brennan > Sent: Monday, September 7, 2020 4:32 PM > To: [email protected] > Subject: Re: Ransoming a mainframe disk farm > > While I really like your new term, "ransomwared", I have to disagree > with the conclusion. Of course we need to try to prevent the attack, > but we also need to have some kind of backup to get things at least > somewhat back to normal. And that doesn't mean a single backup method > for all kinds of data. For example, operating system changes don't > happen every day, so as long as you get a system back up, it probably > doesn't matter too much if all the PTF's are applied. DB2 is another > story if you want something reasonably up-to-date. > > Hmm... maybe make a deal with the hacker at half price and only get the > DB2 datasets back. Just kidding of course. It should be a moral > decision to *never* pay any ransom, no matter what the cost to the > business. Of course that will never fly in reality. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
