And as an industry, we claim we are completely helpless against ransomware. We create all kinds of organizations and alliances such as FIDO and ICANN. Against ransomware, complete silence.

▲

elevation 2 days ago | parent | next [-]

Ransomware as most people imagine it is a solved problem. After a close call, my employer invested in ZFS-backed storage. Our recovery time for recovery from accidental deletion went from "days of copying from offsite backups" to just minutes.

The only problem is when people build storage on ancient filesystems that don't support low-cost snapshots.

	▲	elevation 2 days ago \| parent \| next [-]
		> as most people imagine it Which is to say, a conventional ransom: "pay us to restore your un-backed-up files". But if the attacker has already exfiltrated your files to machines you don't control, and the ransom is "pay or we'll publish", then you'll need more than a modern filesystem to prevent this.
	▲	rawgabbit 2 days ago \| parent \| prev [-]
		We are seeing coordinated attacks where multiple systems have been compromised. It is not a simple restore from backup because they have stolen admin credentials and can repeatedly wreck the kludge of modern and legacy systems most companies deal with. For example, UMMC hospitals lost access to their Epic system, phone lines, and email. https://www.comparitech.com/news/cybercriminals-say-they-hac...

▲

giancarlostoro 2 days ago | parent | prev [-]

I think it will only get worse, as skiddies get access to LLMs. The number of mainstream maintainers being hacked is quite alarming.