new apple plus microsoft ransomware plus spyware

Discussion in 'Technical' started by sec_monkey, Jun 13, 2017.

  1. sec_monkey

    sec_monkey SM Security Administrator

    oldawg, RightHand, Brokor and 3 others like this.
  2. sec_monkey

    sec_monkey SM Security Administrator

    Brokor, Motomom34 and Ura-Ki like this.
  3. 3M-TA3

    3M-TA3 Cold Wet Monkey Site Supporter++

    And don't store data files locally. Also don't store them on the "cloud" where network admins and others have access to your information. Get an inexpensive NAS (my nearly ten year old ReadyNAS still runs the latest OS) from Craigslist or eBay, load with inexpensive disks and upgrade to the latest OS and patches. Your files are now stored in a better protected place that has redundancy so a single disk loss won't cause you to lose everything. Still backup files just in case.

    I keep a share on my NAS called "Restore" that has all my software and install codes. If I lose a hard drive in one of my computers I simply reinstall the base OS, patch, then attach to the NAS and reinstall the software. All the documents, spreadsheets, and various data files are still on the NAS so I'm back in business.
    Dunerunner and Ura-Ki like this.
  4. Dunerunner

    Dunerunner Brewery Monkey Moderator

    So, what's a NAS? :cautious:
    sec_monkey likes this.
  5. sec_monkey

    sec_monkey SM Security Administrator

    Network Attached Storage

    a consumer NAS is typically a box with 1-4 drives plus 1 or more network ports that plugs into the local network, it can be accessed over the local area network [ LAN ] to store stuff plus things.

    unfortunately devices on the LAN can be compromised along with all the other computers on the same network no matter what operating system they are running

    an enterprise level NAS can have 8-250 or more hard drives plus it can cost $250,000 to $5mil or more
    Brokor likes this.
  6. Altoidfishfins

    Altoidfishfins Monkey+++ Site Supporter+

    Wife's computer Win 7 has slowed significantly and cannot load but one web page. Attempting to load another results in the same page being loaded. Persisting results in locking everything except the mouse. Often it disconnects from the internet even though the wireless link is solid with plenty of signal. Her phone is exhibiting nearly identical behavior with the disconnect issue.

    She's now using my LINUX desktop which is also connected wirelessly for checking her e-mail and a few other things. Hmm, it's working great. Yes I'm gloating. My dual boot laptop is also working well. Still, backup, backup, backup.

    She hates updates, and a quick check revealed that she hasn't since September (81 updates due). Tried to get updates, even connected directly to the router via ether cable, but progress remained at 0% all day yesterday. So it won't even update.

    I think maybe her machine's got a virus. Maybe we'll try a restore later today.
    sec_monkey and 3M-TA3 like this.
  7. Motomom34

    Motomom34 Monkey+++

    I have to check to see if the u-dates installed. I think most are on manual so I can decide what up-dates I want.

    Thanks @sec_monkey
  8. Brokor

    Brokor Live Free or Cry Moderator Site Supporter+++ Founding Member

    No information I have is so sensitive and important I must regularly back it up, but when I do decide to store information and archive, I do it manually just before I decrypt the drive, and only with Linux.
    oldawg, sec_monkey and enloopious like this.
  9. 3M-TA3

    3M-TA3 Cold Wet Monkey Site Supporter++

    Alternatively you could buy a used ReadyNAS Ultra 2 (or 4 or 6) on Craigslist or eBay for about a hundred dollars. Put two 2TB disks in it and buy a third for < $300, so you are in for $400 total. These also support disks as large at 4TB and will automatically upgrade if you replace the smaller disks with larger ones.

    Update to OS6 and it's pretty solid security wise, having it's own build in AV and firewall. There are plugins that allow you to do things like turn off SMBv1 while keeping v2 and v3 active. Periodically swap the third disk in to make grandfather sets. That's the cost of an entry AR-15 these days, but you have to ask yourself what are those files worth and what would it take to recover them if that's even possible.

    The idea is to keep your data separated from your workstation/laptop in a place where only YOU have access. So what if they encrypt or otherwise trash your laptop? Just rebuild, reconnect to the NAS, and leave that speed bump behind you.

    You don't need a NAS just to protect sensitive files. I have decades worth of CAD, engineering, reference materials and such things as all the scans of family photos, and other important documents like surveyor's, title, deed, health records, etc. on mine. I would have to lose two of the three hard drives to lose that information.

    A NAS does run an OS so it is susceptible to exploits like any other, BUT hackers are still targeting Windows and Apple. Most NAS OSes are based on Unix, Linux, or custom operating systems. They are WAY down the list.
  10. Tempstar

    Tempstar Old and crochety Site Supporter+

  11. enloopious

    enloopious Rocket Surgeon

    I've had more data lost due to hardware manufacturers than any other source. I recently bought a western digital drive that installed, setup, and run for a total of 1 week and then completely crashed and burned. I've seen it over and over again from hardware.
    sec_monkey likes this.
  12. 3M-TA3

    3M-TA3 Cold Wet Monkey Site Supporter++

    FWIW I used Seagate Barracuda greens (intended for NAS usage) when I originally set up my ReadyNAS. Two of the three disks failed - one was dead, and the NAS was indicating losses in the other at about the same time. They did a hella good job for almost ten years so I can't complain. Just replaced with WD red label also intended for NAS usage. I hope I'll get similar lifetime.

    Here is the nice thing about the used ReadyNAS: It's small, the drives are hot swappable, and the trays are included. The OS and support is free. The OS "lives" on the motherboard so you don't need to have a disk or partition just for that. If you need to buy the hardware it's a good deal at about $100. The only improvement the new units have are that they are faster, but I already stream music and movies from my older unit just fine. The faster speed only comes into play if you are using the NAS to support several concurrent file accesses which isn't likely in a home environment.

    If you already have the old computer and are OK with shutting down and opening it up to swap disks that's perfectly workable. You can also add hot swap bays, but then you are adding additional cost.
  13. duane

    duane Monkey+++

    Very good information, lost computer to ransomware a few years ago and now regard anything on a computer over 24 hours without backup as likely to be lost. Doesn't seem to be any real attempt to stop those attacks and a lot of the ime it seems like the basic code was created by governments and major companies.
    sec_monkey likes this.
  14. Tempstar

    Tempstar Old and crochety Site Supporter+

    Oh, and drop the coin for SSD's. MTBF is off the charts. They either fail the first few days or almost never.
  15. Byte

    Byte Monkey+++

    I don't really have anything that needs to be backed up other than the music I don't want to have to rerip one CD at a time. I don't buy digital content from Amazon, iTunes, etc. I haven't used a spinning drive on my main computer in over 6 years. For the latest build I used two 512MB M2 drives to have a bootable 1TB RAID 0 setup. They actually make 2TB M2's. Each of the M2's is smaller than a stick of RAM and mount directly to a daughter card that plugs into the motherboard just like a RAM slot. It was a bit weird building a system that had nothing off the motherboard other than the power supply. Not counting radiators/fans, of course. The solid state storage revolution cannot be stopped! Death to whiny HDD's! :p

    Well OK, at less than a nickle per GB for spinning drives vs. ~.66/GB for M2 storage, spinning drives aren't quite obsolete yet. :cool:
  16. 3M-TA3

    3M-TA3 Cold Wet Monkey Site Supporter++

    I still use spinning disks for storage, but use disks rated for high usage. I got almost ten years out of the last set, so I'm not worried much about lifetime. When SSD's become cost effective for mass storage I'll switch to those. Definitely use SSD's for all laptops and workstations.

    Why RAID 0? There is no redundancy, in fact if either disk fails you lose all the data on both disks. All you gain are theoretical performance improvements which may or may not be meaningful. Even those music files you ripped don't need fast streaming speeds as they are usually copied right into memory before they are played.
    sec_monkey likes this.
  17. Byte

    Byte Monkey+++

    Lol redundancy! I fly by the seat of my pants... It's pretty much strictly a win10 box for gaming. No real need to backup with gaming profile info being stored on different gaming service's clouds these days. Haven't had to physically go to a brick and mortar to buy a game in 10 yrs or so!

    Oh yeah my music library is housed on my general purpose surf/music/virtualization box. It's my old gaming box and those drives are all 2.5" Samsung 840/850 Pro SSD's. It's my old 3930K gaming rig. The original 512GB 840 Pro is approaching 7 years old now so I am curious how much life it has left in it. No issues so far but 'knock on wood'. I have toyed with putting together a huge spinning NAS setup for years but just can't justify the cost for my backup needs. I suppose I can always fall back on the 'for the fun of it' rationalization... That's pretty much what I based my need for the new 7700K Kaby Lake build on! :LOL:
    Last edited: Jun 15, 2017
survivalmonkey SSL seal warrant canary