What's new
Fantasy Football - Footballguys Forums

This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Computer/IT/ransomware question (1 Viewer)

matttyl

matttyl

Footballguy
So my company (which you've likely not heard of, but is of pretty big size) was apparently hit with some pretty nasty “ransomware.”  I’ve done a bit of research and what I think has occurred is that about half the computers had all of their contents encrypted.  Who ever did it had offered to sell the company the encryption key - with no guarantee that they will in fact ever give us the key, nor that they won’t just hit us again in a week or two as half of the computers are “infected”.  My computer was one impacted.

Company has just decided to buy all new computers to replace all affected.  No idea if that’s the right call or not. 

Question 1 - with the company not paying the ransom for the encryption key, is it safe to assume that I’ll never be able to access/view/open any files on it ever again?  If so, that sucks. 

Question 2 - the company I believe just plans to throw away all impacted computers.  Many are very nice and new name brand laptops with docking stations (for up to three monitors and other peripherals).  Wouldn’t you be able to pull out the impacted hard drive, install a new one, install a new OS (windows) and have a perfectly fine personal computer?  Or could this ransomware have affected other internal hardware?  Does anything stay on the RAM or other internals?

 
Last edited by a moderator:
Somebody last week managed to send an email from my boss's work email account (it showed her address, not just her name with another address) to our accounting manager instructing him to wire $100k. They obviously had been studying the company communication, because they sent it exactly in her writing style to the one person in the company who would send such a wire transfer. It was caught in time, but that is ####ed.

ETA: Sorry to hear, matty. Seems cyber security is at a crossroads of sorts.

 
Last edited by a moderator:
matttyl said:
So my company (which you've likely not heard of, but is of pretty big size) was apparently hit with some pretty nasty “ransomware.”  I’ve done a bit of research and what I think has occurred is that about half the computers had all of their contents encrypted.  Who ever did it had offered to sell the company the encryption key - with no guarantee that they will in fact ever give us the key, nor that they won’t just hit us again in a week or two as half of the computers are “infected”.  My computer was one impacted.

Company has just decided to buy all new computers to replace all affected.  No idea if that’s the right call or not. 

Question 1 - with the company not paying the ransom for the encryption key, is it safe to assume that I’ll never be able to access/view/open any files on it ever again?  If so, that sucks. 

Question 2 - the company I believe just plans to throw away all impacted computers.  Many are very nice and new name brand laptops with docking stations (for up to three monitors and other peripherals).  Wouldn’t you be able to pull out the impacted hard drive, install a new one, install a new OS (windows) and have a perfectly fine personal computer?  Or could this ransomware have affected other internal hardware?  Does anything stay on the RAM or other internals?
Click to expand...
Q1. yes, the files are likely not going to be available again.....unless they were backed up somewhere else...which would not be unusual. 

Q2.  Depending upon what type of company you work for and what information can be found on many of the computers , it’s simply not worth it for the company to risk that information. At that point, most companies would simply scrap the affected computers and get new ones. Cost is usually secondary. 

 
Cjw_55106 said:
Q1. yes, the files are likely not going to be available again.....unless they were backed up somewhere else...which would not be unusual. 

Q2.  Depending upon what type of company you work for and what information can be found on many of the computers , it’s simply not worth it for the company to risk that information. At that point, most companies would simply scrap the affected computers and get new ones. Cost is usually secondary. 
Click to expand...
Not worried about cost to the company in Q2.  Wondering if I can get a new personal laptop at minimal cost with that question.

 
1.   Talk to your superiors and ask if you can personally pay the ransom for just your computer.   If they deny your request, hit up the deep web version of the ffa and contact the hijacker that way.

2.   Take the computers out of the dumpster and sell them back to your company at 25 cents on the dollar.   They'll look good at getting such a good deal on some nice computers, you can use the money for #1 and you'll probably save some part of the environment I think but don't hold me to that part.

 
If the hackers are sophisticated, then their virus may have affected the hard drive AND the BIOS (which is embedded into the computer's motherboard). So, you would need to re-format the hard drive and re-flash the BIOS. (Which isn't difficult, just a chore.)

You can start by putting a blank drive into the laptop and installing a fresh copy of windows. See if it gets hacked again. (Keep it off of your company's network, though.) If not, you should be good.

For your hacked drive, you can try running one of these programs on it.

BTW, your company's IT department sucks. You should have an offline backup of every computer in the company.

 
This is becoming a MASSIVE problem. I work for one of the leading cyber liability insurers in the country and claims (both in frequency and size) have increased by a crazy amount in the past 18 months.

It doesn't take an especially sophisticated criminal to use the software anymore (hence the increase in frequency) but some of these operations run on a near corporate level of professionalism. 

 
matttyl said:
Not worried about cost to the company in Q2.  Wondering if I can get a new personal laptop at minimal cost with that question.
Click to expand...
IF the company would let you have one there would be no problem reusing it with a new hard drive.  Technically you don't even need a new hard drive, you would just need to wipe it well.  If the company is going to give them away they should remove the hard drive anyway.

Many large companies won't give away/sell cheap their old computers, but it wouldn't hurt to ask.

 
Apple Jack said:
Somebody last week managed to send an email from my boss's work email account (it showed her address, not just her name with another address) to our accounting manager instructing him to wire $100k. They obviously had been studying the company communication, because they sent it exactly in her writing style to the one person in the company who would send such a wire transfer. It was caught in time, but that is ####ed.

ETA: Sorry to hear, matty. Seems cyber security is at a crossroads of sorts.
Click to expand...
This is super common right now. And it’s likely not someone “studying” the communication but a super sophisticated data collection/regurgitation algorithm. Similarly there are emails going out saying they have video of you jerking it to porn and the email displays a password you have used somewhere before. Very convincing but not real.  It’s all pretty nuts right now. 

 
matttyl said:
So my company (which you've likely not heard of, but is of pretty big size) was apparently hit with some pretty nasty “ransomware.”  I’ve done a bit of research and what I think has occurred is that about half the computers had all of their contents encrypted.  Who ever did it had offered to sell the company the encryption key - with no guarantee that they will in fact ever give us the key, nor that they won’t just hit us again in a week or two as half of the computers are “infected”.  My computer was one impacted.

Company has just decided to buy all new computers to replace all affected.  No idea if that’s the right call or not. 

Question 1 - with the company not paying the ransom for the encryption key, is it safe to assume that I’ll never be able to access/view/open any files on it ever again?  If so, that sucks. 

Question 2 - the company I believe just plans to throw away all impacted computers.  Many are very nice and new name brand laptops with docking stations (for up to three monitors and other peripherals).  Wouldn’t you be able to pull out the impacted hard drive, install a new one, install a new OS (windows) and have a perfectly fine personal computer?  Or could this ransomware have affected other internal hardware?  Does anything stay on the RAM or other internals?
Click to expand...
Lol. Who is running that IT department?. Why are you storing data on the computers? Why don't you have a years worth of monthly backups?. Tell ya what, I'll manage your IT dept from my office where I work for $50k a year.

Really laughing at throwing away the computers.

 
Last edited by a moderator:
Apple Jack said:
Somebody last week managed to send an email from my boss's work email account (it showed her address, not just her name with another address) to our accounting manager instructing him to wire $100k. They obviously had been studying the company communication, because they sent it exactly in her writing style to the one person in the company who would send such a wire transfer. It was caught in time, but that is ####ed.

ETA: Sorry to hear, matty. Seems cyber security is at a crossroads of sorts.
Click to expand...
They spoofed the email. All incoming e-mails should now contain a header saying 'external e-mail'. Simply setting change on the mail server.

 
Nick Vermeil said:
This is super common right now. And it’s likely not someone “studying” the communication but a super sophisticated data collection/regurgitation algorithm. Similarly there are emails going out saying they have video of you jerking it to porn and the email displays a password you have used somewhere before. Very convincing but not real.  It’s all pretty nuts right now. 
Click to expand...
Yeah saw that one in my junk mail awhile back...pretty spooky 

 
TLEF316 said:
This is becoming a MASSIVE problem. I work for one of the leading cyber liability insurers in the country and claims (both in frequency and size) have increased by a crazy amount in the past 18 months.

It doesn't take an especially sophisticated criminal to use the software anymore (hence the increase in frequency) but some of these operations run on a near corporate level of professionalism. 
Click to expand...
Curious - does the insurance cover the ransom, or the loss/replacement of hardware?  Or both?  Who’s decision is it to pay the ransom or not when insurance is involved?

 
Step 1)  Grab those computers out of the dumpster and sell them here for like 50bucks

Step 2)  Profit!

I could really use a nice used laptop

$$$

 
matttyl said:
Curious - does the insurance cover the ransom, or the loss/replacement of hardware?  Or both?  Who’s decision is it to pay the ransom or not when insurance is involved?
Click to expand...
Not my department, so I don't have all the details but my understanding is that they pay for everything if required. But the uptick in claims is forcing them to reevaluate their underwriting process, pricing, etc. 

I believe that one of the terms of the contract is that the insurer decides whether it makes financial sense to pay the ransom.

 
[scooter] said:
BTW, your company's IT department sucks. You should have an offline backup of every computer in the company.
Click to expand...
Yeah, if the OP had been a new poster I would have guessed this was some sort of advertisement for offsite backup. It nearly reads like an advertisement.

 
BoltBacker said:
Yeah, if the OP had been a new poster I would have guessed this was some sort of advertisement for offsite backup. It nearly reads like an advertisement.
Click to expand...
Not an ad, just seeing what options, if any, I have.  Just sucks.  New computer won't be here till Wednesday.  Much information will never be recovered.  I've got access to e-mail, but that's about it right now. 

 
matttyl said:
Not an ad, just seeing what options, if any, I have.  Just sucks.  New computer won't be here till Wednesday.  Much information will never be recovered.  I've got access to e-mail, but that's about it right now. 
Click to expand...
Just don't understand this at all. All of my work product has been stored in OneDrive/Box/Dropbox type service for probably 4 years. If my employer wants to backup on top of that great but I don't leave it up to them.

 
Hawks64 said:
Just don't understand this at all. All of my work product has been stored in OneDrive/Box/Dropbox type service for probably 4 years. If my employer wants to backup on top of that great but I don't leave it up to them.
Click to expand...
Of course, but my God the web-based Office applications are terrible.

 
Concerning backups and such, some of that was done by me.  I'm not their typical employee, though - while I am in fact a W2 employee of theirs, I'm really just an independent contractor working through them.  As such, they provided me with a computer and access to the internet through their network - which is how it got hacked.  So some individual files were backed up, but since I wasn't fully on their system, I won't just be able to have a new computer that looks/acts exactly like me old one did. 

 
We had this happen a year or two ago with one of our last PC's in the office.  We are all cloud-based and mostly Chromebooks BUT this effing PC had a local backup program installed to sync docs with Box.  So they were able to access that just like it was a hard drive. One more blow against PC's for me.

 
You must log in or register to reply here.

Similar threads

C
Wiping a Work Computer to be then used for personal use
Replies
6
Views
255
3C's
3C's
Hastur
***Official Scam Thread***
Replies
46
Views
1K
BLOCKED_PUNT
BLOCKED_PUNT
General Malaise
Each State's Best IPA Beer - Value, Drinkability, Taste and Artwork
5 6 7
Replies
341
Views
6K
Bossman
Bossman

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Back
Top