1. If you're receiving a message that you are banned from the Current Events or Politics forums, it's not you specifically: those forums have been hidden for all users. For more info, see here.
    Dismiss Notice

bloody bloody cryptolocker bloody

Discussion in 'Business & Enterprise Computing' started by Joshhy, Sep 12, 2014.

  1. Cape_Horn

    Cape_Horn Member

    Joined:
    Dec 23, 2001
    Messages:
    2,478
    Location:
    Shooting Baker
    Well at least we have got to the root of the problem.
     
  2. millsy

    millsy Member

    Joined:
    Mar 31, 2007
    Messages:
    13,531
    Location:
    Brisbane
    I wholeheartedly disagree, it's entirely possible to make it a positive discussion. Obviously if IT come in screaming 'told you so' of course it'll be a disaster. But I've honestly never heard of a group of people feeling like it's us vs them as a result of doing this in advance. We've had more kickback from staff who haven't been phished in advance.

    People generally pay more attention due to there being evidence that their assumption is wrong. But just to repeat myself, it's not about rubbing peoples nose in it. It's about explaining that this is a real concern for everyone, and then help them address it.

    Unless that's purely a Dutch thing and Aussies have their heads too far up their asses to pay attention, which is of course entirely possible too :thumbup:

    No modern business should be materially impacted by cryptolocker. The technology and solutions are already in place. As you say, the value is hard to quantify.

    *edit*

    Whoops missed your post pablo
    Which sums up what I was feeling way nicer than I did :)
     
    Last edited: Jul 15, 2016
  3. BlueRaven

    BlueRaven Brute force & optimism

    Joined:
    Jul 29, 2010
    Messages:
    5,283
    Location:
    2076
    Best practice surely has to include some attempt at user education, it can't be as black and white as that?

    Even though I'm not currently in enterprise IT, I started my career there. I understand the general animosity and "necessary evil" mentality that many users have towards everything IT-related, and the fact that some people will never get it nor give a shit no matter hard hard you try.

    But if you're not making at least some attempt to educate users regarding known common threats (which should include vectors like social engineering), then you're surely making your life more difficult in the end?

    Though I also acknowledge that corporate culture has a big role to play here, and in some orgs/industries you're always just going to be pissing up a tree.
    Some companies will appreciate the proactive, in-your-face promotion of the fact that the users are the biggest problem. At many more, it will get you canned.
     
    Last edited: Jul 15, 2016
  4. millsy

    millsy Member

    Joined:
    Mar 31, 2007
    Messages:
    13,531
    Location:
    Brisbane
    User education is a key part of a good defense in depth strategy.

    You can give people the best stuff, highly secured environment, but if they type their credentials into a basic phishing website it's all for nothing.
     
  5. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    44,855
    Location:
    Brisbane
    Nope. People are emotional brats.

    As the son of a Dutchman, you've hit the nail on the head. Dutch logic is wonderful, and the ability to be objective in the face of evidence is something I sincerely miss working for an Australian business full of people who cry about how much their feelings are hurt every time we try and move the business forward.

    This whole country is much the same. Every time you try to make progress, you get people in tears over how much it hurts everyone's feelings. Utterly ridiculous.

    Walking on eggshells is by far the worst aspect of my job.
     
  6. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    44,855
    Location:
    Brisbane
    I genuinely don't know. And nor does anyone else, because if they did, this stuff wouldn't exist.
     
  7. 7nothing

    7nothing Member

    Joined:
    Feb 15, 2002
    Messages:
    1,556
    Location:
    Brisbane
    When you're dependent on the functionality of a tool for 80% of your work day, make it your business to learn how to use that tool.

    If you're too stupid for that, maybe don't completely disregard this simple instruction from the people who provide you support in using that tool: "Don't blindly open every single email attachment you receive".

    Failing that, please feel free to hassle me repeatedly about not being able to log on to your computer while I restore all the files you encrypted and generally clean up after you shitting all over the office floor. That's a great way to get back on side.
     
  8. 7nothing

    7nothing Member

    Joined:
    Feb 15, 2002
    Messages:
    1,556
    Location:
    Brisbane
    Fuck, flux capacitor equipped de-lorean is standard equipment for every modern business?

    Why do I waste my time isolating the affected computer then restoring data from last good backup while people wait for their files when time travel is already in place.
     
  9. greebs

    greebs Member

    Joined:
    Dec 30, 2001
    Messages:
    958
    Location:
    Melbourne
    My tongue has pretty much constant bite marks on it.
     
  10. bcann

    bcann Member

    Joined:
    Feb 26, 2006
    Messages:
    6,100
    Location:
    NSW
    So we give into the "No red marker" brigade and don't at least try to help users, by giving them a little test, that ok they may feel a little bit sheepish if they flunk, but ultimately it might save a lot more grief next time even if it makes them pause and think should I click on $stealmypaypal/cctrojan/webcambroadcastworldwideforprofit$ link or maybe should I call IT.

    I'm sorry but I did with management approval run a phishing test on my users once. 10% failed real bad when it was blingingly obvious (I made the page say Password stealing website ffs) and yet they STILL entered their details.

    We need to stop worrying about a very small percentage of users feelings and just move on. Or another way might be to look at it this way.

    Joe average receives a company credit card and because he is lazy and doesn't think writes his pin number on the credit card back. He then proceeds to leave it in his car in a very visible place and it of course gets stolen. Fearing for his job he doesn't tell finance for a week, by which time the card has racked up $50,000 on it.

    To my way of looking at it, how is the above story any different to any of the ways almost everyone on these forums users have got infected with cryptoware. Its almost the same level of stupidity as the above C/C example. I bet in the above C/C example the person would get reamed by finance and probably fired, but if you were to swap it with IT, it'd almost get waved off with little more thought, other then a pissed off IT guy cleaning it up, with no real comeback on the user, but like I said to my thinking its near the same level of stupid.
     
  11. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    44,855
    Location:
    Brisbane
    OK, OK, chill.

    Here's the deal: I agree with you. 80% of people in the workplace are incompetent and need a bloody good slap (figuratively speaking, although literally would also be satisfying). Most will continue to avoid good advice until it bites them in the arse, and then they'll come crying to people like you and I for help at the 11th hour. And not at their expense, but at ours, as we put the hours in to fix their fuckups while they go home and put their feet up with their families.

    However...

    Depending on where you work, IT departments frequently get no respect. That means no budget, no people, and nobody listens to their warnings and advice. This is not every business, of course. But it is a lot of them.

    Performing sting operations on your users is walking a tightrope. If you can pull it off with management support and everyone learns something at the end: my hat off to you. That sounds like an incredibly challenging situation that needed some good planning, and if it worked, then you have my genuine admiration.

    Perhaps I'm being biased with the experience of working with creatives too long, but where I come from (and with the lack of organisation available to me currently), my company would fail at such a task, and end up making the general working population hate IT a whole bunch. What would happen here is we'd drive the already troubling wedge between IT and regular users in a little deeper, and it would give the users one less reason to seek our help when they should, "proving" to them that we're not on their side, and that they should continue doing things without our advice. Again, I work with a highly emotional lot (speaking industry wide, not just our business), so I completely acknowledge that I could be way off mark for your regular corporate setup.

    So again, if you did it and came out in a better spot than before (people respected IT the same or more, and you educated some users), then that's worthy of praise. I shudder to think what the result of such an operation would be where I work currently, given our lack of resources as well as the temperament of our users.
     
  12. Gunna

    Gunna Member

    Joined:
    Dec 25, 2001
    Messages:
    7,889
    Location:
    Brisbane
    Last week i had 3 users ask about suspicious emails. All were phishing emails that had slipped through our barracuda spam filter. I'm not sure what it is about this company but it seems the users give a shit, in my MSP days daily people would get hit and play dumb. I wonder if it's a culture thing within a business, if people care about the business then they are more diligent.
     
  13. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    14,610
    How do you find the Barracuda spam filtering on the whole? are you appliance, or hosted?

    Our current solution is EOL soon, and its almost time to start looking at alternatives.
     
  14. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    44,855
    Location:
    Brisbane
    Sure, why not? If I were the one doing the attacking, I'd have a dozen or so of these things that I'd use in rotation. Users will forget after 6 months, so why not recycle it and save yourself a bunch of effort?
     
  15. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    14,610
    I'd do a census one... Seems topical
     
  16. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    44,855
    Location:
    Brisbane
    You have an evil mind. I like it.
     
  17. looktall

    looktall Working Class Doughnut

    Joined:
    Sep 17, 2001
    Messages:
    26,663
    nek minnut.

    http://www.heraldsun.com.au/news/vi...s/news-story/ad1ad5d0b56e174c690c97cafafed4c9

    this actually pre-dates the census, but i expect they might ramp up a bit now.
     
  18. Gunna

    Gunna Member

    Joined:
    Dec 25, 2001
    Messages:
    7,889
    Location:
    Brisbane
    Appliance and I don't manage it so cant really comment. It has had an issue here or there. One was renaming the file extension on PDF's to some thing else but it was resolved quickly.

    The end users like it, we have it set up so they can manage their own white\black list and preferences.
     
  19. BurningFeetMan

    BurningFeetMan Member

    Joined:
    Apr 22, 2003
    Messages:
    9,603
    Location:
    Veg City

    You're a pretty cluey guy. Surely practicing professionalism ain't gonna kill ya! :lol:
     
  20. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    44,855
    Location:
    Brisbane
    Professionalism is entirely different to managing histrionics.

    Another reminder that I work in the creative industries. By comparison, corporate life is a walk in the park.
     

Share This Page

Advertisement: