The weak link is always people. Big companies and the governments should offer a short and free course on cybersecurity. I'm not talking about some advanced level thing but rather how to identify malware, how to differentiate threat from legit files and what to do and not to do on a work PC. Believe me if I can teach my parents that grew without technology on how to avoid these things everybody can learn basic cybersecurity.
No company will spend the money to do anything because the penalty for lax cybersecurity (or really lax anything - like who in Boeing went to jail for their crashes?) is a paltry fine. Even the EU which is considered more strict has it like "up to 4%" of annual revenue
My last company used KnowBe4 which was created by Kevin Mitnick. There’s tons of products like this in the space. You’ll always have a percentage of people who don’t think before acting. Training and education can help reduce the percentage, but people are idiots.
A company in the airline industry I worked for previously did do mock phishing emails and if people clicked on them they would reach out to people to retrain them regarding cyber security. Plus everyone had to undergo tri annual courses
I know of a CFO's secretary getting an invoice with a link to transfer the money. She took the bait and paid out $25k to whomever. The best part is the invoice said it was related to her boss. His office is 10 feet from her desk. Did she ever bother to ask him about it? No. Yes there was annual training. She figured it would never happen to her and she was smart.
I was a pirate in Eve Online for years. It was critical that our "customer base" believed that we were "honorable" an would honor any and all ransoms. So I can 100% believe they will honor their word.... until it becomes profitable enough for them to break it anyway.
@ The Fat Electrician has taught us the term Strategically Transferring Equipment to Alternate Locations. I don’t see any victims included in that concept. 😉
Even if you have backups, it's going to take a long time and cost a lot of money. If you pay for the key, you're still going to spend a lot of time and money after the key...and there's no guarantee they aren't still lingering in your network.
I think now is a good time to start thinking about what systems are going to be and how we are going to use them in a post-hacked world. Evidently the walls will never be high enough.
snapshots (similar to volume shadow copy but better) in ZFS let's say in TrueNAS are immune to ransomware attacks because even if you have root access you can't delete or modify them. You can only manage them through web interface of TrueNAS. So the malware basically needs super power AI with credentials (username and password of the WebUI) and to navigate through the menus to deliberately delete those snapshots. You can set a new incremental snapshots on intervals (every hour, day, 5 minutes ...etc) and the don't cost much space (unless substantial blocks of data changed) and they are blazingly fast. You can even automate deletion of old snapshots, say over 7 days or 3 months old. And you can specify important snapshots to never be deleted automatically ("Hold" option assigned to them).
@@JdotCarver What I mean by immune, is that you can always revert any changes the ransomware does. It is not like it will prevent the ransomware from modifying the data in current dataset. But one can easily revert them back to original state. And the snapshots are "readonly" even for root user.
@miltonthecat2240 well, while devastating, if your data leaked (was uploaded) then you have a totally different issue at your hands. Here comes the value of encryption and to authorize viewing decrypted data to only trusted processes. Hackers can have encrypted data all they want. But if a company can't implement encryption and authorization to only trusted apps then clearly the data is not sensitive enough nor it's critical to protect. Big telecom companies like T-Mobile had their customers' data leaked and they don't care, it is way cheaper to offer its customers a crappy Norton Identity Theft software as compensation that doesn't do anything in bulk than paying hackers. Do you want: Backups (fear of data being encrypted by some ransomware) or Encryption and network security to prevent data leaking or both?
oh Lynx i thought it was another way of saying Linux lol. Probably a good idea to remind the linux users not to scoff because contrary to what they might thin Linux is not immune to ransomware. Great video!!!!!
would bit defender or kaspersky prevent the encryption of data? I recall something similar from the best anti virus video part 2 that bitdefender and kaspersky did in fact stop encryption of files
This is one of the reasons why I'm not happy more and more people using Linux. Tho it is imune to many Windows problems, it still can be affected by something like this.
I always find things like this fascinating. I have one question though. How can you trust the numbers for income on their website? That's rather easy to fake, and faking it would probablybenifit them here if they just make the number look huge.
What is 'crime' and what is not is arbitrary anyway. Most for profit companies have the exact same goal - take money from people, giving as little as possible - and they will do anything and everything they can within arbitrary limits to do so. It's not like 'legal commerce' is any better. I'm not condoning this, just commenting based on how much you stressed legal vs not. That's really not a hugely significant distinction IMO. Edit, like take insurance companies for example that will do anything they can to make you believe you're covered then everything they can to not cover you. At least these hackers are somewhat honest about what they do.
i used to scroll through manifestation videos thinking, why does this work for everyone else and not me? it felt like the universe was ignoring me. then i read Vibrations of Manifestation by Alex Lane, and wow, it made so much sense. chapter 3 showed me how i was focusing on the lack instead of abundance, and that was holding me back. i started shifting my focus and applying the exercises from the book. within a month, i landed a side hustle that completely changed my financial situation. it wasn’t luck-it was energy. this book made me see that.
i’ve always been that person who watches manifestation videos, takes notes, and tries everything under the sun, but nothing ever seemed to work for me. i was stuck in this cycle of frustration, wondering what i was doing wrong. then someone mentioned Vibrations of Manifestation by Alex Lane. i gave it a shot, and honestly, chapter 3 made me stop in my tracks. it explained how my mindset and energy were completely out of sync with what i was asking for. it wasn’t overnight, but after applying what i learned, i started getting new opportunities, random gifts, even raises at work. it’s not magic-it’s alignment, and that book showed me how to find it.
@@rainzerdesu Oil Producers aren't able to hack the software in my car. They can't stop my breaks from working or my engine turning off remotely. EV's are cheaply constructed IOT networks subject to the same kinds of attacks a common laptop is. I'll LMOA when EV's start getting ransomware attacks and personal information breeches. GL HF!
@@rogerbartlet5720 Its not just EV's that have this software Most new cars are like this, its just Tesla did it first and are rushing it more than most
i was at my lowest point, drowning in bills and completely lost on how to move forward. i kept seeing people talk about manifestation and how they’d turned their lives around, but no matter what i tried, nothing worked. then i found Vibrations of Manifestation by Alex Lane. chapter 3 hit me so hard-it was like reading about everything i was doing wrong. i started focusing on shifting my energy instead of obsessing over my problems, and things started to change. small things at first, like random discounts or finding money i didn’t know i had, but it kept growing. it’s crazy how things can turn around when you just understand the energy you’re putting out.
![I.N "HALLUCINATION" | [Stray Kids : SKZ-PLAYER]](http://i.ytimg.com/vi/n5B5q1Hwt_U/mqdefault.jpg)
The weak link is always people. Big companies and the governments should offer a short and free course on cybersecurity. I'm not talking about some advanced level thing but rather how to identify malware, how to differentiate threat from legit files and what to do and not to do on a work PC. Believe me if I can teach my parents that grew without technology on how to avoid these things everybody can learn basic cybersecurity.
No company will spend the money to do anything because the penalty for lax cybersecurity (or really lax anything - like who in Boeing went to jail for their crashes?) is a paltry fine. Even the EU which is considered more strict has it like "up to 4%" of annual revenue
My last company used KnowBe4 which was created by Kevin Mitnick. There’s tons of products like this in the space. You’ll always have a percentage of people who don’t think before acting. Training and education can help reduce the percentage, but people are idiots.
A company in the airline industry I worked for previously did do mock phishing emails and if people clicked on them they would reach out to people to retrain them regarding cyber security. Plus everyone had to undergo tri annual courses
We take training at work every year.
I know of a CFO's secretary getting an invoice with a link to transfer the money. She took the bait and paid out $25k to whomever. The best part is the invoice said it was related to her boss. His office is 10 feet from her desk. Did she ever bother to ask him about it? No. Yes there was annual training. She figured it would never happen to her and she was smart.
I was a pirate in Eve Online for years. It was critical that our "customer base" believed that we were "honorable" an would honor any and all ransoms. So I can 100% believe they will honor their word.... until it becomes profitable enough for them to break it anyway.
your victims can still be your customers
@@Atsumari With all due respect, sir, do not use the word victim. As a asset relocation specialist, we much prefer the word customer.
@ The Fat Electrician has taught us the term Strategically Transferring Equipment to Alternate Locations. I don’t see any victims included in that concept. 😉
Why are there so many of those stupid "manifestation" comments? The bots are out in force, apparently.
Even if you have backups, it's going to take a long time and cost a lot of money.
If you pay for the key, you're still going to spend a lot of time and money after the key...and there's no guarantee they aren't still lingering in your network.
I think now is a good time to start thinking about what systems are going to be and how we are going to use them in a post-hacked world.
Evidently the walls will never be high enough.
snapshots (similar to volume shadow copy but better) in ZFS let's say in TrueNAS are immune to ransomware attacks because even if you have root access you can't delete or modify them. You can only manage them through web interface of TrueNAS. So the malware basically needs super power AI with credentials (username and password of the WebUI) and to navigate through the menus to deliberately delete those snapshots.
You can set a new incremental snapshots on intervals (every hour, day, 5 minutes ...etc) and the don't cost much space (unless substantial blocks of data changed) and they are blazingly fast. You can even automate deletion of old snapshots, say over 7 days or 3 months old. And you can specify important snapshots to never be deleted automatically ("Hold" option assigned to them).
Good to know.
@@JdotCarver What I mean by immune, is that you can always revert any changes the ransomware does. It is not like it will prevent the ransomware from modifying the data in current dataset. But one can easily revert them back to original state. And the snapshots are "readonly" even for root user.
Yes, I think you've made an argument for why successful ransomware must export data these days.
@miltonthecat2240 well, while devastating, if your data leaked (was uploaded) then you have a totally different issue at your hands. Here comes the value of encryption and to authorize viewing decrypted data to only trusted processes. Hackers can have encrypted data all they want. But if a company can't implement encryption and authorization to only trusted apps then clearly the data is not sensitive enough nor it's critical to protect.
Big telecom companies like T-Mobile had their customers' data leaked and they don't care, it is way cheaper to offer its customers a crappy Norton Identity Theft software as compensation that doesn't do anything in bulk than paying hackers.
Do you want: Backups (fear of data being encrypted by some ransomware) or Encryption and network security to prevent data leaking or both?
Please make an video on DoH/DoT, how it works, examples, benefits/demerits and your thoughts on privacy, much appreciated.
oh Lynx i thought it was another way of saying Linux lol. Probably a good idea to remind the linux users not to scoff because contrary to what they might thin Linux is not immune to ransomware. Great video!!!!!
Me too! Linux 😂😂
Linux was never immune, it just was much less of a target back in the day. A lot of malware nowdays "offer" Linux support.
0:44 OOF!!! Yikes...
1:02 If I have a choice, I'd take my business elsewhere. But only if I have a choice to do so. Ugh...
When people trust their Ransomware hackers more than their government...
What do you think I was making a joke?
would bit defender or kaspersky prevent the encryption of data? I recall something similar from the best anti virus video part 2 that bitdefender and kaspersky did in fact stop encryption of files
It depends. A lot of antiviruses only work because they have data from the past about what viruses act like specifically.
Too bad Any.Run doesn't allow you to register as a natural person. I really like all the analytic tools that you keep presenting.
Knowledgeable video👍🏼👍🏼👍🏼❤❤❤😊😊😊.
Can this Ransomware affect Deep Freeze?
This is one of the reasons why I'm not happy more and more people using Linux. Tho it is imune to many Windows problems, it still can be affected by something like this.
4% isn't "more people"
@@Kimarnic Rather headass way of looking at it.
@@Kimarnic In 2023, it was 3.1% so going to 4% is literally "more people".
Why does it matter? People will make malware no matter what.
It doesn't matter. Any computer is vulnerable.
Any.
I always find things like this fascinating. I have one question though. How can you trust the numbers for income on their website? That's rather easy to fake, and faking it would probablybenifit them here if they just make the number look huge.
can you give vt link for that exe?
Thank you.
What is 'crime' and what is not is arbitrary anyway.
Most for profit companies have the exact same goal - take money from people, giving as little as possible - and they will do anything and everything they can within arbitrary limits to do so. It's not like 'legal commerce' is any better.
I'm not condoning this, just commenting based on how much you stressed legal vs not. That's really not a hugely significant distinction IMO.
Edit, like take insurance companies for example that will do anything they can to make you believe you're covered then everything they can to not cover you.
At least these hackers are somewhat honest about what they do.
You win the stupid person medal. Congrats.
might as suggest not hooking everything up to the Internet
cool video keep up the good work man
insane
❤❤❤😊😊😊👍🏼👍🏼👍🏼.
The world 🌎 been weird those days fire fire earthquake ransomware what next may the god bless good people
i used to scroll through manifestation videos thinking, why does this work for everyone else and not me? it felt like the universe was ignoring me. then i read Vibrations of Manifestation by Alex Lane, and wow, it made so much sense. chapter 3 showed me how i was focusing on the lack instead of abundance, and that was holding me back. i started shifting my focus and applying the exercises from the book. within a month, i landed a side hustle that completely changed my financial situation. it wasn’t luck-it was energy. this book made me see that.
click the lynx Mr Fors
i’ve always been that person who watches manifestation videos, takes notes, and tries everything under the sun, but nothing ever seemed to work for me. i was stuck in this cycle of frustration, wondering what i was doing wrong. then someone mentioned Vibrations of Manifestation by Alex Lane. i gave it a shot, and honestly, chapter 3 made me stop in my tracks. it explained how my mindset and energy were completely out of sync with what i was asking for. it wasn’t overnight, but after applying what i learned, i started getting new opportunities, random gifts, even raises at work. it’s not magic-it’s alignment, and that book showed me how to find it.
Wow
One more reason why I won't buy an electric car.
Which is a braindead reason given that oil suppliers have previously been hacked lol?
@@rainzerdesu Oil Producers aren't able to hack the software in my car. They can't stop my breaks from working or my engine turning off remotely. EV's are cheaply constructed IOT networks subject to the same kinds of attacks a common laptop is. I'll LMOA when EV's start getting ransomware attacks and personal information breeches. GL HF!
You don't have sense
@@lolononojay9010 your an NPC
@@rogerbartlet5720 Its not just EV's that have this software
Most new cars are like this, its just Tesla did it first and are rushing it more than most
lynx is the codename of my phone (pixel 7a)
How about windows defender plus a DNS filter like umbrella vs video?
Second :P
i was at my lowest point, drowning in bills and completely lost on how to move forward. i kept seeing people talk about manifestation and how they’d turned their lives around, but no matter what i tried, nothing worked. then i found Vibrations of Manifestation by Alex Lane. chapter 3 hit me so hard-it was like reading about everything i was doing wrong. i started focusing on shifting my energy instead of obsessing over my problems, and things started to change. small things at first, like random discounts or finding money i didn’t know i had, but it kept growing. it’s crazy how things can turn around when you just understand the energy you’re putting out.