We had an experience last year.. very professional.. Ransomware had instructions to TOR based website, there we found clear procedure on multiple languages available from a menu. The had an online chat and were very helpful!
I had a better experience with them than with most of our suppliers! They even offered discount based on volume of machines! Gino Villarini Founder/President @gvillarini t: 787.273.4143 Ext. 204 m: [https://image.ibb.co/ctQ7jU/aeronet-logo.png]<http://www.aeronetpr.com/> [https://image.ibb.co/noQeyp/inc500.png] <https://www.inc.com/profile/aeronet> [https://image.ibb.co/e4pBB9/fb-logo.png] <https://www.facebook.com/aeronetpr/> [https://image.ibb.co/nxuuW9/insta-logo.png] <https://www.instagram.com/aeronetpr/?hl=en> [https://image.ibb.co/jhSEW9/in-logo.png] <https://www.linkedin.com/company/aeronet-broadband-corp> [https://image.ibb.co/dqqq4U/tw-logo.png] <https://twitter.com/AeroNetPR?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor> [https://image.ibb.co/bAJcjU/yt-logo.png] <https://www.youtube.com/channel/UCr2Q9WBrAYVm3Fn970Jd6VA> www.aeronetpr.com<http://www.aeronetpr.com> | Metro Office Park #18 Suite 304 Guaynabo, PR 00968 From: AF <af-boun...@af.afmug.com> on behalf of Chuck McCown <ch...@wbmfg.com> Reply-To: AnimalFarm Microwave Users Group <af@af.afmug.com> Date: Wednesday, August 21, 2019 at 8:00 PM To: "af@af.afmug.com" <af@af.afmug.com> Subject: [AFMUG] Ransomeware Heard one of the best presentations ever today at the Tri State Telecom Conf in Sun Valley, Id. It was a real world story told by the CEO of Syringa Networks. He said he would share his PPT. If he does I will post it there. It was striking how he described how professional the extortion guys were. They even offered references to assure them if they paid they would get their files back. They paid the ransom in bitcoin. The FBI was zero help. It was actually their insurance company that provided the most helpful guidance. The insurance company said “relax, we do this 5 times a month”. He would not say how much it cost them. He recommends you pay if you are dealing with an “ethical” extortion company. They have transitioned away from anything microsoft as much as possible. Giving everyone ipads or macs. Making everything cloud based. 2FA authentication using fobs (I think). Airgapped local backups. It was a two stage attack. First came from a worker taking a laptop home and getting infected with something that then was brought to work to spread. They stampped it out. Apparently that virus collected info that was sold to the ransomware company that used it to expertly infect their whole network. One take away is DO NOT REBOOT. If you do you are screwed. He said linux systems running on a VM running on a windows machine were fine, but the machine was frozen. They could not do anything with it. Disclaimer The information contained in this communication from the sender is confidential. It is intended solely for use by the recipient and others authorized to receive it. If you are not the recipient, you are hereby notified that any disclosure, copying, distribution or taking action in relation of the contents of this information is strictly prohibited and may be unlawful. This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more visit the Mimecast website.
-- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
