"One of the attacks delivers Locky through a twice-zipped attachment in emails with no subject or body text."
And yet it's guaranteed that someone will open the zips, despite all the warnings given
Cisco is warning of possible return of a massive ransomware spam campaign after researchers noticed traces of traffic from the hitherto dormant Necurs botnet. The attacks are tiny: Cisco's security team has so far found fewer than a thousand Necurs spam messages. Those numbers pale in comparison to attacks when Necurs' …
I blame Microsoft for making the default Windows setting to hide file extensions for known file types. This means, for example, that invoice.exe shows up as invoice. I really can't understand why the setting is that way. Yes, you can change it, but the default should be to show all file extensions.
Hey look, I'm all for blaming Microsoft, but we all have the tech built into Windows to help mitigate this sort of threat; just hardly anyone seems to use AppLocker as they're too lazy to set it up. We can also disable macros entirely or make them run only from trusted locations etc.
But convenience, such as running any .exe you want, trumps security, or even if you bother setting up AppLocker etc. a senior manager loses his mind at not being in complete control and running local admin rights on his PC and you're back to square one.
I saw an interview on TV with some woman who'd been the victim of some such ransomware and who'd lost 10 years' worth of family photos. She bemoaned her fate and both she and the interviewer said how people should be aware of such scams - "Don't let it happen to you!!"
But hold on a moment, did she lose her data because of the scam or because of the lack of backups? No mention was made that she'd probably have been ok if only she'd taken a backup. She'd have been just as screwed if the HD crashed or the PC was stolen.
Most users just expect their PC to work and haven't the first idea how to protect it, either by regular backups or not clicking on links embedded in emails or attachments.
So while we as "IT Professionals" know what's required, not everyone does.
If she's lost 10 years worth of photos, it follows that she has gone 9 years plus without a backup.
That's somewhere out there in the unexplored territory where you go beyond stupid, turn right, and keep going until the wheels fall off. Nine years!
Of course, as all of us here have no doubt seen for ourselves, Beyond Stupid is commonplace, and some remarkably intelligent people do it. Even people who are generally pretty careful about things can surprise you with a complete failure to back up.
So is this unique to computers, perhaps because people don't understand them or are subconsciously hostile to them?
Not really. It seems to apply to other seldom-needed but vital tasks too, especially ones that are a little unpleasant, or boring, or cost a small amount of money for no tangible immediate return, or not very easy to understand.
People go for decades without bothering to make a will; somehow manage to avoid the dentist until they have really serious pain, don't quite get around to paying the house insurance .... probably every profession can cite the dumb things people do (or more to the point don't do) which wind up hurting them badly.
But I still reckon that complete failure to back up is more common and more difficult to excuse than any of them.
I've spent my working life being polite and sympathetic to people who've just discovered that not having backups is a very bad idea. Sometimes I've been able to get their data back, sometimes not. Rule Clint applies. ("Do I feel lucky?") Win or lose though, I've always, always been sensitive to their feelings and handled them more-or-less the way an undertaker handles a bereaved family member. Underneath all that, of course, there is what I really think. Yes, yes, I do understand how easy it is to not backup, I really do. And I know, I really do know, the horrible sick feeling you get when you realise that you've really screwed something important up through your own carelessness. But you know what I really think, don't you. It's the same thing we techies all think when we see this happen: well what did you expect, you fu*king moron?
We need a new type of Windows "nagware"...
A prompt that comes up once a month asking them to perform a backup. If after 12 months they still haven't performed a backup, then the PC will be locked until they run one or click on the "Yes, I understand I am a complete and total fuckwit." button.
"AppLocker requires a server OS, enterprise, or academic licensing."
With a regular Windows Pro the Software Restriction Policy can stop running executables, scripts etc from users' folders. If the end user has admin rights then this is of course easily circumvented.
And with Windows Home edition you can use the Parental Controls.
"the procedure needed to unlock the controls."
The procedure needed to unlock is to know the Parental Control password. If the kid has admin rights, well... there's really no way to contain the kid/user.
Disabling any kind of chance for external boot should mitigate greatly for offline attacks but won't help if the user can remove the HDD - and Windows Home versions do not support BitLocker.