7
Got hit with a ransomware demand at 2 AM last Tuesday
Was finishing up a server patch at my office in Tulsa. Suddenly all my files turned into .encrypted crap. The screen flashed with a Bitcoin wallet address and a 48 hour timer. Price was $1,200 to unlock everything. I disconnected the server from the network immediately. Restored from an offline backup 4 hours later. Anyone else keep their backups physically disconnected or just me?
2 comments
Log in to join the discussion
Log In2 Comments
skyler_kim1mo ago
My brother runs a small dental office and their IT guy told them to back up to an external drive but leave it plugged in all the time. Ransomware hit them last spring and encrypted both the server and the backup drive at the same time. Cost them $3,000 to get their patient files back. I told him that's what he gets for listening to the guy who still uses Windows 7 in 2023.
6
dylanward1mo ago
Wait, did they actually pay the ransom or did they have a separate backup? That's the real question here. If they paid $3k to get their files back, I'm guessing they didn't have another backup offsite or in the cloud. The crappy part is having an external drive plugged in 24/7 is basically just asking for it to get hit if ransomware gets in. Like, you might as well just call it a second hard drive at that point, not a backup. So did they at least learn from this and set up something proper now, or are they still trusting the same IT guy?
9