| ▲ | ArcHound 6 hours ago | ||||||||||||||||
AFAIK the idea is to have backups so good, that restoring them is just a minor inconvenience. Then you can just discard encrypted/infected data and move on with your business. Of course that's harder to achieve in practice. | |||||||||||||||||
| ▲ | supertrope 2 hours ago | parent | next [-] | ||||||||||||||||
If the important data is in a web app and the Windows PC is effectively a thin client, this lowers the ransom value of the local drive. Of course business disruption in the form of downtime, overtime IT labor cannot be mitigated by just putting everything online. The next step is just to move to security by design operating systems like ChromeOS where the user is not allowed to run any non-approved executables. If tricking a single employee can cause an entire company to stall out, it's a process issue. Just like how a single employee should not be able to wire out $100,000. | |||||||||||||||||
| |||||||||||||||||
| ▲ | finghin 5 hours ago | parent | prev | next [-] | ||||||||||||||||
Sleeper agent malware is a thing especially in high risk situations. If somebody has a dormant RAT installed since year X-1 it’s going to be impossible to solve that in year X by using backups | |||||||||||||||||
| |||||||||||||||||
| ▲ | billypilgrim 2 hours ago | parent | prev | next [-] | ||||||||||||||||
Modern ransomware are not just encrypting data but uploading them somewhere too, the victim is then threatened with a leak of the data. A backup does not save you from that. | |||||||||||||||||
| |||||||||||||||||
| ▲ | mschuster91 5 hours ago | parent | prev [-] | ||||||||||||||||
In the end the limiting factor will be the bandwidth of your disk arrays... enough compromised machines and they will get overwhelmed. | |||||||||||||||||