Folks,
For those in the US...
Our local FBI office suggests reporting Cryptowall and other
ransomware to the FBI office nearest you (or to the victim).
Lots of little cases can add add up to successful investigations. The
wider the telescope (the more reports, the more data) the better the
poss
On Fri, Nov 14, 2014 at 09:34:48AM PST, David Veer spake thusly:
> We have seen CryptoWall hit a number of systems too over the last month or
> two for different organizations around the city. Has anybody on the list
> been able to determine the attack or infection vector for it? We'd really
> li
On Fri, Nov 14, 2014 at 11:49 AM, John Quigley wrote:
> In talking with someone at a local cloud company yesterday, I learned that
> a number of large organizations in our town, including banks, have been hit
> with Cryptowall in the past few weeks. On the news this morning was a
> report of a sh
We have seen CryptoWall hit a number of systems too over the last month or two
for different organizations around the city. Has anybody on the list been able
to determine the attack or infection vector for it? We'd really like to figure
out how it's getting into the networks and systems to be
Thanks, all, for the comments and advice. I have given your recommendations
and comments to my friend.
I was particularly struck by Mr. Guarino's story about receiving support
from Cryptowall's operators after he paid the ransom. That's a great story,
even if it portends badness for our time.
Jus
You also don't know if the records were tampered with. The fact that they were
able to encrypt them shows that they had the capability to tamper with them.
It's not a likely attack (too much money to be made with the simple approach),
but it's possible.
David Lang
On Thu, 13 Nov 2014, Morgan
On Thu, Nov 13, 2014 at 11:47 PM, Tracy Reed wrote:
> On Thu, Nov 13, 2014 at 01:56:04PM PST, Bill Bogstad spake thusly:
>> I'm not so sure. If the data was encrypted in place (never left his
>> systems) then
>> it was never disclosed to inappropriate parties and my reading of that
>> link is th
prevention processes after I told them it was necessary to
pay the ransom by today (deadline sensitive files)
From: tech-boun...@lists.lopsa.org [mailto:tech-boun...@lists.lopsa.org] On
Behalf Of John Quigley
Sent: Thursday, November 13, 2014 11:52 AM
To: t...@lopsa.org
Subject: [lopsa-tech] Hit by
On Thu, Nov 13, 2014 at 01:56:04PM PST, Bill Bogstad spake thusly:
> I'm not so sure. If the data was encrypted in place (never left his
> systems) then
> it was never disclosed to inappropriate parties and my reading of that
> link is that this would not be considered a breach. Not that this
>
My thought would be that if something got into the setup enough to encrypt
the files, it could have also transmitted them.
On Nov 13, 2014 1:56 PM, "Bill Bogstad" wrote:
> On Thu, Nov 13, 2014 at 7:42 PM, Tracy Reed wrote:
> > On Thu, Nov 13, 2014 at 10:11:28AM PST, Morgan Blackthorne spake thus
On Thu, Nov 13, 2014 at 7:42 PM, Tracy Reed wrote:
> On Thu, Nov 13, 2014 at 10:11:28AM PST, Morgan Blackthorne spake thusly:
>> I'd be wondering if HIPPA requires him to disclose the breach to his
>> clients since it is medical information.
>
> Yes.
>
> http://www.hhs.gov/ocr/privacy/hipaa/admini
On Thu, Nov 13, 2014 at 10:11:28AM PST, Morgan Blackthorne spake thusly:
> I'd be wondering if HIPPA requires him to disclose the breach to his
> clients since it is medical information.
Yes.
http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/
But if he didn't even have s
I'd be wondering if HIPPA requires him to disclose the breach to his
clients since it is medical information.
--
~*~ StormeRider ~*~
"Every world needs its heroes [...] They inspire us to be better than we
are. And they protect from the darkness that's just around the corner."
(from Smallville S
Colleagues,
A good friend of mine owns a dental practice whose data was encrypted with
ransomware. Apparently all of the primary and backup data were encrypted.
I'm getting info secondhand from him and so don't have all the details yet
(eg, which OS, which variant of ransomware, etc).
They're ask
14 matches
Mail list logo
