We do not negotiate with terrorists?

I'd pay the grand too.

Send in Seals!

Where's Troop when you need him?

But seriously, they don't really sound like terrorists...more likely millennial entrepreneurs with a slightly outside the box business plan...besides, what's a grand in an economic boom?

I don't have first hand experience, but from what I've heard paying the fee does usually work. I'd toss morals/principles out of the equation and make a business decision, if the chance of recovering the files is worth the money then pay it.

The key is, making sure you learn your fucking lesson. If you pay or not, action should be taken to prevent a recurrence. I'm not saying go out and spend millions on all sorts of security software that will probably negatively impact productivity as much as it prevents risks, but impact here could be mitigated with some standard backup processes that would also protect your company from many other scenarios. Hell, the investment for reasonable backups is worth it for most individuals backing up their fucking selfies and shit, its certainly worth it for a company. If your internal IT dept can't set something like that up, there's tons of consulting services that will do it for you.

I thought this is one reason to back up your files on Carbonite.......or somewhere offsite

Find a tall tree and a short rope

The problem with paying the ransom is that it gives the criminals an incentive to do it again and again, whether to your company or another. I would not pay.

These are merely computer files. It is more difficult to reject ransom categorically when the hostage is a loved one, like a child or wife or favorite stripper.

I'd try to coordinate a transfer with some detectives who know cyber crime to trace the money. $1000 doesn't sound like much unless they have very little to fear and do this to a lot of people. Even if they hit 50 companies, they would only have $50k to show for the crime. Hit a really big corporation, and that one company might be willing to spend a few million to beef up security and spend some of that budget going after the thieves. It might be a kid in someone's basement with little knowledge of risk versus reward. Unless they were seeking access to financial records.

Have an admin communicate for making payment arrangements - also seeking usual assurances - getting all files back, will not occur again, etc etc
Obviously none of the assurances are worth anything - but it gives the assholes on the other side a sense that these guys are complying and just want to get the files back.

It's only a thousand bucks.

But - if you guys have IT - get them to work on re-assessing your firewalls. These should be better than a thousand-dollar asshole can break. Hire new people if needed. Next breach could be fatal.

And - as the Admin conducts the payment procedure - give her some wrong info so she stumbles and fumbles (don't tell her anything - she should appear genuine to the asshole). The re-try will definitely provide clues to the cyber-crime folks in Police Dept. I'm very sure the asshole will be caught - right in his basement. He gets max time, event gets publicised and deters bigger cyber crime down the road.

I know the feeling. It sucks more than losing wallet or cell phone. Entire businesses depend on computer data. I'd vote for death penalty for cyber terrorists - no matter what part of the world they are at.

DOOMED!

That crazyjoe retard is prolly a terrorist cuz he sent me a bunch of emails that I cant open. That retard is prolly sending me cryptology shit. So I am glad I could not open them. I am so smrt and you all are retards.

Your the worst retard of all Dougster. You just repeat doomed over and over. Your a retard.

^^^^ this guyn is totally doomed if he can't figure out technology. Do you work at rhe Piggly Wiggly?

Slop.guy...do you know bagboyjames?

Absolutely DOOMED!

Those cyber terrorists ought to take some lessons from Dr Evil in how to demand real ransom. Like one miiiilioooon dollars!

Got to have good backups. This is the only real protection.

Say you pay the money, how do you know then that your computers are clean, as opposed to still having some sleepers.

I would be going to LE, and I would only pay if it somehow helped LE to track the cyberterrorists down.

SJG

I once performed a security audit on a major hospital in my area. Of the clients on their network, over 91% of them had full administrative rights. That was internal to the hospital. I was able to enter their domain from outside without the least bit of "resistance". With that sort of control, no wonder companies get breached.

Amazingly, they didn't want to invest any funds in their security. My question was, why did they paid so much for the audit, then toss the results in the trash?

You guys have no idea how bad things are cyber security wise.

Good luck with this, Motorhead. Like others have said, getting the police involved is probably the best thing to do. Hiring your own hacker to backtrack that kid, fry his systems, and then turn him over to the cops could be even more fun.

I would be willing to bet that the hackers are not in the US which limits your options.

LMAO, if your IT was smart, he'd have backed up all those files. A very dark lesson learned. It's gonna take a team of some seriously great FBI IT techs, forget your local police to do the job since it's now on Tor. Best thing to do is, contact the FBI, pay the ransom and let the feds in black handle the situation. It's already an FBI investigation anyway so you don't have a choice because more than likely, the FBI now knows you just accessed TOR. Good luck.

@Dougster Not every company can even afford $1M or else the cyber punks won't have a renewable source of income.

Even the companies that are spending a million or several million or hundreds of million are getting hacked. Social engineering is part of it, but it's mostly about choices that were made to favor time to market over security long, long ago, or to save money. Knowing there would be problems but just eat the cost of that damage year by year rather than put long term solutions in place. A final factor is that intelligence agencies want their to be holes. I also suspect other powerful entities do as well, but now we are into conspiracy theory realm.

Of course if your IT has ways to restore at least SOME of your information do so before paying the premium (shadowexplorer, RakhniDecryptor, etc. Shadowexplorer will probably be the only one that works but give the other a try anyway). Anyway, next time, invest some money in a backup software, constantly seperate that from the interweb (don't include it in a shared server) and recommend your idiot IT tech to get ESET NOD32, F-Share or Kaspersky. If the data isn't THAT important (I doubt that since it's a business), don't pay it and just take a dark lesson and let the feds handle it. That is of course making sure that NOBODY was watching pornography of any sort on their work stations (ESPECIALLY CHILD PORNOGRAPHY) or fucking around with TOR themselves, don't exclude the IT, he's your first suspect along with the loser employee who never speaks. Good luck

"... along with the loser employee who never speaks. "

You mean the super creepy guy who eats his lunch alone and is always trying to eavesdrop? Yeah, I'd definitely keep an eye on him

Interesting how different occupations have different hazards. My co-worker was working on a transmission line and after an explosion, he has third degree burns on most of his body. He might not make it past the week, he's so fucked up. My sister and I took his kids to Knotts Berry Farm this weekend. My sister is really good friends with his wife. She got the unlucky job of explaining to their kids that their Dad might not live. My weekend has been pretty sad, to be honest.

@steve229 yeah that one stevie

@slickspic ouch, really sorry to hear that. Hope he at least has time to see his kids once more.

@Estafador-Probably not. The fact that he's alive is testament to his constitution. A transmission line is a natural gas pipeline that I can walk through. I'm sure FarmerArt has seen some similar shit.

Joke Reply- You need to handle this like Les Grossman from "Tropic Thunder" topic creator.

Slick, sorry to hear that. Good luck to his family.

Sometimes you must.

motor,

I sent you a PM on the subject.

DAMN! Another ancient thread!

Well, that's the breaks, Clubber. When we've been around here forever some things are ancient.

So, vm, just what are you implying???