Since I'm done with my sprint commitments early, I spent much of yesterday scouring the internet for information on the ransomware attack. Thought I'd share a few articles that have solid information since most news is pretty shallow on the subject.
This one does a good job describing past attacks from the view point of a security consulting firm that helps with incident response to these things. If you want the 10,000ft nerd overview, this is it.
news.sophos.com
Key takeaways
- Companies that segregate data backups are not very vulnerable to this group as they can simply rollback their backups
- 2 factor authentication makes this type of attack nearly impossible as it relies on phishing
- These groups use tools available to most anyone on the web and aren't relying on anything that's really a zero day style attack
Here's another article that shows how they negotiate payment, which is somewhat interesting
Not really much to this article, but it shows they likely didn't understand what they were getting into with this attack
grahamcluley.com
This one does a good job describing past attacks from the view point of a security consulting firm that helps with incident response to these things. If you want the 10,000ft nerd overview, this is it.
A defender’s view inside a DarkSide ransomware attack
What to expect when you’re targeted by a headline-seeking threat actor
news.sophos.com
Key takeaways
- Companies that segregate data backups are not very vulnerable to this group as they can simply rollback their backups
- 2 factor authentication makes this type of attack nearly impossible as it relies on phishing
- These groups use tools available to most anyone on the web and aren't relying on anything that's really a zero day style attack
Here's another article that shows how they negotiate payment, which is somewhat interesting
A Closer Look at the DarkSide Ransomware Gang – Krebs on Security
krebsonsecurity.com
Not really much to this article, but it shows they likely didn't understand what they were getting into with this attack
The DarkSide ransomware gang must be shitting itself right now
So, what do you do if you're a ransomware gang which has just caught the attention of not just the world's media, but also the FBI and the President of the United States?
grahamcluley.com
