Reply to post: Re: Monitor the database?

Ransomware 2.0 'crypts website databases – until victims pay up

Justin Goldberg

Re: Monitor the database?

It sounds like the next thing in security is something where each save to a script is also cryptographically signed. Here's an excellent idea from the comments on the original article:

Admin access should be restricted to only ssh/sftp sessions using PKI, so useless even if password known/brute forced. Of course one must keep the keys safe and its no protection against vulnerabilities in the web app/os itself, but patching/scanning/pen testing and finally log monitoring do the rest.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022