Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ransomware Insurance Is Coming (onthewire.io)

Posted by BeauHD on from the times-are-changing dept.

Trailrunner7 quotes a report from On the Wire: As bad as the ransomware problem is right now -- and it's plenty bad -- we're likely only at the beginning of what could become a crisis, experts say. "Lots of people are being infected and lots of people are paying. The bottom line its it's getting worse and it's going to continue to do so," Jeremiah Grossman, chief of security strategy at SentinelOne, said during a talk on the ransomware epidemic at the RSA Conference here Monday. "Seven-figure ransoms have already been paid. When you're out of business, you'll pay whatever you have to in order to stay in business. You're dealing with an active, sentient adversary." The ransomware market seems to be headed in the same direction as real-world kidnapping, where high-profile targets take out insurance policies to pay ransoms. Grossman said it probably won't be long before the insurance companies latch onto the ransomware game, too. "The insurance companies are going to see a large profit potential in this. Kidnapping and ransom insurance is still very boutique. This economic model will probably apply equally well to ransomware," he said. According to The FindLaw Corporate Counsel Blog, "Ransomware attacks fall under your cyber insurance policy's 'cyber extortion' coverage and can generally be considered "first-party" or "third-party" coverage, according to Christine Marciano, president of Cyber Data Risk Managers. Third-party coverage would likely leave a company uninsured when they are the victims of a ransomware attack. Even if your insurance policy covers ransomware attacks made against your company, the deductible may be so high that the company will be stuck paying any ransomware demands out of pocket (should the company decide to pay to decrypt its data). And your coverage may be sub-limited to relatively small amounts, according Kevin Kalinich, the global cyber risk practice leader for Aon Risk Solutions. A $10 million policy may only provide $500,000 for cyber extortion claims, he explains."

86 comments

  1. Ransomware Insurance Is Coming... by Anonymous Coward · · Score: 0

    ...probably from the same people writing the ransomware.

    1. Re:Ransomware Insurance Is Coming... by Mr+D+from+63 · · Score: 2

      And then next step is ransomware insurance fraud.

    2. Re:Ransomware Insurance Is Coming... by djrogers · · Score: 1

      And unlike so many other forms of insurance fraud, this would be easy to do, near-impossible to prove, and without the nasty long-term repercussions that things like arson come with...

      --
      Think outside the... Hey, where'd the friggin' box go?
    3. Re: Ransomware Insurance Is Coming... by dougdonovan · · Score: 1

      check the deep web for the app...

    4. Re:Ransomware Insurance Is Coming... by Tablizer · · Score: 1

      ...probably from the same people writing the ransomware.

      I once worked for a company specializing in environmental cleanup. They were eventually bought out by a polluting civil engineering firm. They were essentially paid by the gov't to clean up their own messes.

      (Granted, the rules were lax in their earlier years such that it this financial recursion probably wasn't planned; just a lucky accident.)

      --
      Table-ized A.I.
  2. Fool-proof insurance policy by WaffleMonster · · Score: 4, Informative

    BACKUP YOUR SHIT

    1. Re:Fool-proof insurance policy by Xenographic · · Score: 2

      You'd think that good backups would be better insurance, but far too many firms simply don't have good backups. Or worse, they think they have backups and they've never really tested the restore process and wait for an emergency to find out it doesn't actually work...

    2. Re:Fool-proof insurance policy by PolygamousRanchKid+ · · Score: 2

      "Nothing can be made fool-proof, because fools are so ingenious."

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    3. Re:Fool-proof insurance policy by Anonymous Coward · · Score: 1

      If those backups are accessible on same network and no copies offsite, the ransomware will eat those up too

    4. Re: Fool-proof insurance policy by dougdonovan · · Score: 1

      laughing with you ...

    5. Re:Fool-proof insurance policy by networkBoy · · Score: 2

      Or the backups are good and tested, but are on-line disk backups and also get encrypted...

      --
      whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
    6. Re:Fool-proof insurance policy by Anonymous Coward · · Score: 0

      No. That's not a fool-proof insurance policy against ransomware. Nothing is fool-proof, but this is as close as you can reasonably get:

      • - Backup your shit.
      • - Make a copy of that backup that is offline. Meaning tapes, or hard disks that you physically pull out of the array, or something. The important thing is: that copy cannot be automatically accessed by the source system, so ransomware cannot corrupt it.
      • - Do periodic restore tests, using the offline copy, on hardware that is set aside for that purpose.

      If you don't test your backups' ability to be restored, you don't have backups. And restoring the data is a bare minimum - ideally, you want to check that the application works as expected as well.

      Sure, it's unrealistic to do that for every system, and every application. So you do it regularly for the critical applications, and toss in one or two "unimportant" applications as well - making sure that the "unimportant" application you test is a different one each test. (No fair swapping between two different unimportant applications - you want to aim to get full coverage of all the applications over a large enough number of tests.)

      Also: do logs of all your backups. How much data was backed up in backup A, versus the same backup a week earlier? If you're using a backup system that does an "always incremental" style of backup (eg: IBM Spectrum Protect, formerly known as Tivoli Storage Manager; also CommVault), is the amount of data backed up abnormally large? If the figure seems off, it warrants investigation - especially if it's off by a very large amount.

      There are no guarantees. There is, however, basic backup and recovery practice, such that you at least will get warning signs early on.

    7. Re:Fool-proof insurance policy by taustin · · Score: 3, Insightful

      In my professional opinion, that would not qualify as a good backup.

    8. Re:Fool-proof insurance policy by Tablizer · · Score: 1

      BACKUP YOUR SHIT

      And

      1. Test backups regularly
      2. Put the most recent copy in at least two geographically diverse locations (as insurance against regional disasters).
      3. Store the archive versions in at least two different locations, perhaps rotating the target if there's not enough space.
      4. If it's encrypted (probably a good idea), also make sure the encryption key is stored in multiple spots.

      Example schedule with 3 locations:

      LOCATION 1:
      - Last night's
      - 1 week ago
      - 4 weeks ago
      - 7 weeks ago
      - 10 weeks ago
      - etc...

      LOCATION 2:
      - Last night's
      - 2 weeks ago
      - 5 weeks ago
      - 8 weeks ago
      - 11 weeks ago
      - etc...

      LOCATION 3:
      - Last night's
      - 3 weeks ago
      - 6 weeks ago
      - 9 weeks ago
      - 12 weeks ago
      - etc...

      Archives older than roughly 3 months perhaps should be staggered monthly, and then yearly after about 2 or 3 years if the space is expensive.

      --
      Table-ized A.I.
    9. Re:Fool-proof insurance policy by FatdogHaiku · · Score: 2

      My take on that is:
      "Nothing can be made fool-proof, because fools are so ubiquitous."

      --
      You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
    10. Re:Fool-proof insurance policy by bartle · · Score: 1

      BACKUP YOUR SHIT

      It is worth considering that for a large company, perhaps with several thousand workstations, it may be more cost efficient to pay the ransom and get their systems back online within a day rather than overworking their IT staff in the hopes of getting their machines back after a week. Even if the company has full data backups, they may not have the staffing required to wipe and reinstall every computer in a reasonable amount of time.

    11. Re:Fool-proof insurance policy by Mashiki · · Score: 1

      That's a good plan, unfortunately in many cases getting companies or even government to pay for it is next to impossible. I know of local and parts of provincial governments here in Canada that use 7-day round-robin backups, and there is no off-site backups at all. And it's because they believe it's a "waste of money" and any type of loss of the data is impossible.

      --
      Om, nomnomnom...
    12. Re:Fool-proof insurance policy by KiloByte · · Score: 1

      Even if the company has full data backups, they may not have the staffing required to wipe and reinstall every computer in a reasonable amount of time.

      How hard is it to plop in boot media and run a script? You have all the rest automated, so all it takes is a few lines of shell, right?

      Even special snowflake machines should back up to the common place, so they're not that different.

      And if you're instead using some commercial "solution", well, then you're already used to pay the inadequacy tax.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    13. Re:Fool-proof insurance policy by Anonymous Coward · · Score: 0

      BACKUP YOUR SHIT

      Even "proper" backups* aren't needed, just snapshots** that can be easily reverted.

      Some defintions:
      * A backup is a restorable copy of data on independent media (i.e., not snapshots or RAID, which are on the same media).
      ** Snapshots are by definition read-only, so cannot be effected by user action. A "read-write snapshot" is a clone of the data.

    14. Re:Fool-proof insurance policy by freeze128 · · Score: 1

      Why is that situation even a thing? I know it happens, I have seen it happen. My question is: Why are backups so finicky? I would think that if you copy a bit to another type of media, it would ACTUALLY BE THERE so it could be restored. Why do backup manufacturers allow this to happen?

    15. Re:Fool-proof insurance policy by lbates_35476 · · Score: 1

      You are correct that regular CIFS shares (external USB/eSATA hard drives, shares that are accessed with user level security) don't work against the REALLY ugly versions of ramsom ware. My company (shadowsafe.com) found out years ago that this can be solved by placing your backups on a device that isn't accessed by any regular users and only by the application taking and maintaining the backups. You, of course, also need offsite copies of things, but that protects against a different set of events.

    16. Re:Fool-proof insurance policy by allo · · Score: 1

      When you decide to get an insurance, you can decide to get a backup. the problem firms are those, who don't think about the problem at all.

  3. Security crash course by Anonymous Coward · · Score: 1

    As long as the insurance companies put in a mandatory security training course to qualify for this, I'm okay with it. Why do people still open unknown executables in emails?

    1. Re:Security crash course by fisted · · Score: 1

      because wtf is an "executable", fuck off with your computer shit.

      --
      CLI paste? paste.pr0.tips!
    2. Re: Security crash course by dougdonovan · · Score: 1

      fisted, turn your computer off. go back to the ink pen and paper.

    3. Re: Security crash course by fisted · · Score: 1

      whoosh.

      --
      CLI paste? paste.pr0.tips!
  4. Don't run Windows. by jcr · · Score: 0, Flamebait

    Problem solved.

    -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."
    1. Re: Don't run Windows. by Anonymous Coward · · Score: 0

      Because nobody has ever compromised another OS, or wait for it, wait for it, had an admin go rogue.

      Heck, just look at the compromised routers and other network appliances, that alone should tell you something.

    2. Re: Don't run Windows. by jcr · · Score: 2

      had an admin go rogue

      If you know who the perp is, there's all kinds of options available.

      -jcr

      --
      The only title of honor that a tyrant can grant is "Enemy of the State."
    3. Re: Don't run Windows. by mmell · · Score: 1
      Yeah - but there have been reported incidents on the evening news where the rogue admin/engineer/architect has been so confident that he would prevail that "grey bar" cryptography has been ineffective. Now lead pipe cryptography, on the other hand, . . .

      Besides, the threat of legal action makes getting your hostage data "freed" a waiting game. Who loses more in such a waiting game - the rogue programmer, possibly confined in a very boring place with a bunch of smelly people and bad food, or the enterprise paying rent, utilities and people to not do business as usual?

  5. Not a bad idea at all by Anonymous Coward · · Score: 1

    Insurance companies are experts in mitigating and evaluating risk - It's literally their job.

    In order to get insurance, insurance providers will require their customers to educate their staff and ensure they have a minimum baseline of security.

    The very basic, most bare of security practices reduce ransomware's impact to an annoyance. Separation of privileges, backup, software updates, email attachment filtering - You know stuff you should be doing already.

    1. Re:Not a bad idea at all by Falos · · Score: 1

      >ensure they have a minimum baseline of security.
      NO, that's victim blaming, people can do jack all, or even worse than nothing, and should still be morally indemnified. And financially. Because they have zero culpability.

  6. Do payments work? by DidgetMaster · · Score: 1

    What guarantees does anyone paying a ransom get that they will be able to unlock their data? If you are dealing with ransomware, you are dealing with crooks who don't have any morals whatsoever. Once they get payment, why wouldn't they just let you twist in the wind? Many kidnappings are the same. You pay the ransom and you still get a dead or missing relative.

    1. Re:Do payments work? by fisted · · Score: 4, Insightful

      If word gets out that paying doesn't help, then people will stop paying.
      These are trustworthy criminals that have a reputation to lose.

      --
      CLI paste? paste.pr0.tips!
    2. Re:Do payments work? by Anonymous Coward · · Score: 3, Insightful

      What guarantees does anyone paying a ransom get that they will be able to unlock their data?

      None. But ransomeware is generally not a one-off thing, the people who make and distribute it are career criminals. It's in their best interest to restore your data. If a particular brand of ransomware builds a reputation for being dishonest, then nobody's going to pay the unlock fee.

    3. Re:Do payments work? by Solandri · · Score: 1

      The problem isn't the integrity of the ransomware author. The problem is that long after the author has moved on to other things (or been arrested, or assassinated), the ransomware virus is still out there, still spreading, still infecting new systems, and still scrambling data.

      It's like royalties from little-known songs that someone wrote a decade ago. If some trickle in, it's "oh that's nice" money. There's no incentive for the songwriter to maintain or improve that old product. It doesn't encourage him to write new songs or release a newly edited version of the old song.

      If you're lucky the server for that particular ransomware virus was shut down by the authorities or white hat hackers, and you can get a master key to decrypt your stuff. If you're unlucky, your data is as good as deleted. Paying money into an anonymous bitcoin account won't get you anything.

    4. Re:Do payments work? by cyberchondriac · · Score: 1

      I think insurance companies for this kind of thing are just a colossally bad idea. Now it positively screams "lucrative!" to the ransomers, as victims will be far more willing to "pay" since it's covered by insurance. The amount of ransom demanded will increase as well.

      Instead they should be concerning themselves with better security, training, and backups. That wouldn't have to cost any more than the insurance premium.

      --

      Look back up at my post, now look back down, you're on the Internet. Now look back up. I'm a signature.
  7. Higher costs coming soon! by Anonymous Coward · · Score: 0

    This will just drive up the costs of ransomware, because once anything becomes subsidized with "someone else's money" (see: healthcare, college education) a vicious cycle ensues. Soon everyone will require ransomware insurance, with annually increasing premiums.

  8. JFC BACKUPS by Anonymous Coward · · Score: 0

    Come on, ANY company should have backups. THIS is your insurance. FFS, servers offer previous version rollback and snapshots for the fast recovery, it's not rocket science anymore.

  9. It will probably be successful by Jfetjunky · · Score: 1

    I know the best insurance is having competent IT pros that can make ransomware no more than a minor inconvenience, but I suspect there are many small/medium businesses that would find this a cheaper alternative than staffing such a department.

    1. Re:It will probably be successful by wbr1 · · Score: 1

      Fuck that. Find a good, reputable MSP. Hate to sound like an infomercial,but my small MSP firm serves small biz. For less than 70 USD per PC per month you get encrypted cloud backups with, if desired, local mirror, world class AB, web filtering, event monitoring, free virus removal, etc. All at a set fucking cost. It's a no brainier.

      --
      Silence is a state of mime.
  10. Think Big by avandesande · · Score: 1

    Idiot insurance

    --
    love is just extroverted narcissism
  11. FREE With WIndows 10 Purchase by Anonymous Coward · · Score: 0

    Ransonware should be included FREE with Windows.

    Windows is the most secure windows EVER. Microsoft should put it's money behind this. I can see nothing wrong with this.

    After all, it's a product with NO WARRANTY, or even FITNESS FOR A PARTICULAR PURPOSE, and CONTAINS KNOWN DEFECTS. But hey, its the most secure version of windows ever!

    All MSFT marketing data about you is transmitted very securely to a very secure microsoft server.

    Your actual data on the other hand...

  12. What could possibly go wrong by Dunbal · · Score: 3, Insightful

    1. Back up your data

    2. Install the ransomware yourself on the computers.

    3. Cash in on insurance policy

    4. Reinstall data from backups.

    --
    Seven puppies were harmed during the making of this post.
    1. Re:What could possibly go wrong by wbr1 · · Score: 3, Insightful

      You can bet the insurance company will have digital forensics engineers on hand for any large payout. Local it will be in support, not supervisory roles.

      --
      Silence is a state of mime.
    2. Re:What could possibly go wrong by KiloByte · · Score: 2

      But how will those "digital forensics engineers" tell an idiot user clicking on an attachment from this being done intentionally by someone with enough brains to log in as the former?

      I guess the insurance company will just randomly deny payments with a bullshit excuse, like they usually do.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    3. Re:What could possibly go wrong by AmiMoJo · · Score: 1

      Exactly, many companies get several ransomware viruses by email a day. All one needs to do for insurance fraud is to "accidentally" open one.

      Chances are the policy requires you to take reasonable steps to protect yourself, similar to how you need to lock your doors and windows for house insurance to cover loss due to theft. So you might have to pick the worst AV going, just to make sure.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  13. Interesting idea but ultimately harmful by Billy+the+Mountain · · Score: 1

    The problem with this is, while it may help out a clueless company in the short term, the incentive for the insurance company is to pay the ransom, because it rewards the evil-doers, which, in turn creates more need for the insurance.

    --
    That was the turning point of my life--I went from negative zero to positive zero.
    1. Re:Interesting idea but ultimately harmful by Anonymous Coward · · Score: 0

      And that's even assuming that the insurers and the ransomware authors aren't working for the same party to begin with.

  14. Large businesses too by rsilvergun · · Score: 2

    Nobody likes paying for IT. Outside of nerds (the neckbeard kind, not the modern "nerd") people hate computers. They hate how they make them feel weak and dumb. They hate that they can't seen them working because so much goes on behind the scenes. And above all they hate that they put power in the hands of the sorta twerps they used to see bully (or bully themselves) in grade school.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
  15. Insurance will make the problem worse by aklinux · · Score: 2

    You're guaranteeing the bad guys a paycheck.

    1. Re:Insurance will make the problem worse by Anonymous Coward · · Score: 0

      As the ransomware problem gets worse, the "need" for policies will rise, guaranteeing the insurance guys a paycheck.

  16. Re:Best protection vs. ransomware? by Anonymous Coward · · Score: 0

    HOSTs does not protect against attacks on the network infrastructure, which is the real future of attacks, not shit ransomware.

    Smart security-minded people look towards the future, and don't desperately hang onto a fuckup from the past like you do.

  17. Insurance makes everything worse. by Anonymous Coward · · Score: 0

    That is its purpose.

    1. Re:Insurance makes everything worse. by Anonymous Coward · · Score: 0

      Sounds like a borderline racketeer influenced and corrupt organization..

  18. Abort by jon3k · · Score: 2

    Have a friend who works for a mid-sized insurance firm that provides Cyber Insurance, it's actually exclusively what he does now. So what they do is get you to agree that you'll take all these preventative measures to avoid it (ie making backups) and when you get ransomwared they find some particular provision you violated to not pay your claim. Like any insurance of course.

  19. The truth is finally out by Anonymous Coward · · Score: 0

    Now we see why this was happening in the first place. setting up for 'insurance' plans.. ...yet another scam to fleece even more people....

  20. insurance company requires backups by raymorris · · Score: 4, Interesting

    > the incentive for the insurance company is to pay the ransom

    What insurance companies actually do is set conditions that *reduce* risk for their customers, so They don't have to pay anyone. They also create organizations such as Underwriters Laboratories and the National Fire Protection Association (who write the fire code).

    In this case, the insurance company will require that in order to get converage, you'll need to have *proper* backups, with a checklist of requirements for *proper* backup. Then they never have to pay out, and collect (small) premiums basically in exchange for forcing companies to test their backups quarterly.

  21. I can hear it now.... by Ol+Olsoc · · Score: 1

    Some pretty important data you have there. It would be a pity if something were to happen to it. You can't be too careful these days. By the way, how are the wife and kids doing.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  22. Food for thought by TheOuterLinux · · Score: 1

    Use Linux and use separate partitions as follows: /boot ext2 / ext4 Swap /home ext 4 encrypted Then, install Clamav and Lynis to check for viruses (more like passing on prevention for Window$ than for actual Linux) and rootkits. And if you find anything, you can reinstall Linux and leave the /home partition alone in most cases so you don't lose anything. Keep a list of installed packages and just drag and drop after apt-get install, yum, or zypper in the terminal. There have been actual cases when people try to get access to computers by lying about detecting malware on their computer over the phone. The user says he uses Linux and not Windows. They hang up immediately. I wouldn't pass these "insurance" companies to be any different.

  23. Re:Best protection vs. ransomware? by mmell · · Score: 1
    I don't think your software alone is the whole solution, and I'm not sure how it can prevent a ransomware attack against an enterprise target. I can certainly see how (in concert with VPN access and judicious use of TOR for certain activities) it could be part of an overall solution for several of the privacy and security concerns facing desktop users nowadays.

    While I mislike running such software in what I still think of as kernelspace (ring-0, I think?), I recognize why this has to run there under Windows, unless you like answering UAC requests all day. I'm going to give it a shot - this time, on physical hardware in daily use instead of sandboxed in a carefully managed VM (having already confirmed in the VM that it doesn't do anything schiesty). I have no intention of endangering my system (for example, by intentionally permitting a ransomware attack on my machine). Since I've never fallen prey to any exploits I'm aware of, I doubt that I'll have anything to report on that score.

    If it lives up to all you've claimed for it by itself, I'll be shocked. If it lives up to expectations, I'll be content. Suffice it to say I'll relate my experience with it here. I've seen what I consider a distinct improvement in your online comportment of late - let me go ahead and give your host lookup tool a shake. You'll hear back from me.

  24. Re:Best protection vs. ransomware? by mmell · · Score: 1
    You still really ought to consider only posting once; we all saw you the first time.

    Testing . . .

  25. Insurance companies will have that on their checkl by raymorris · · Score: 1

    I'm fairly certain insurance companies will require protection against that before they issue a policy.

    I've been hoping we could get something like Underwriters Laboratories (UL) or the National Fire Protection Association (who authors the fire code) for security, and someone to get companies to follow the standards. Insurance companies created UL and NFPA and require corporate clients to mitigate risks that could result in a payout. I have hope they will be a very good thing for security. Insurance companies evaluate and manage risk for a living, and they are good at it.

  26. Baseball bats. by Anonymous Coward · · Score: 0

    I'd not be opposed to a team of spec-ops style enforcers who hunt down and find ransomware operators, drag them out of their apartments by their testicles, and then beat the shit out of them with baseball bats while filming them. Imagine those delicious wet "smacks" of their heads caving in and posting them to various sites to show what future wanna-bes have in store.

  27. Re: Sure hosts do, even vs. DDoS by Anonymous Coward · · Score: 0

    A.P.K. most of these come through email attachments you numb nuts. How the fuck is a host file going to make any difference in that case? If you have the mail server in the hosts file the fucking mail server is still going to serve up the tainted email. For fucks sake please go be autistic somewhere else.

  28. I never said it IS the "whole solution" by Anonymous Coward · · Score: 0

    See subject: I do say hosts do MORE than ANY other single solution does more efficiently/for less using what you already have natively. I also do say that "layered security"/"defense in depth" is THE strategy to employ in security guides I wrote 11++ yrs. ago that got me PAID http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&src=IE-SearchBox&FORM=IESR02&pc=EUPP_/ for their content (using the highly esteemed easy to use CIS Tool which took fixes from "yours truly" too, no less).

    As far as HOW/WHY hosts work for security? Read more here (stops enslavement into botnets) https://news.slashdot.org/comments.pl?sid=10240595&cid=53862609/

    * NEWEST BUILD WAS JUST UPLOADED Monday 02/13/2017 @ 10 p.m. EST USA SO IF YOU TRY IT? Get the latest/greatest (redownload to be sure) a few minutes ago.

    APK

    P.S.=> 8 security pros also feel hosts = good security! See here https://it.slashdot.org/comments.pl?sid=10205115&cid=53815959/ ... apk

    1. Re:I never said it IS the "whole solution" by mmell · · Score: 1
      Your advertising, however, does imply as much (although, yes: I understand what hostfiles can do and what they can't). So far (what, maybe an hour now?) it's done what I would want. So far, no downside. Page load times are predictably much better (then again, I'm not on my network, not using my DNS. Using XFinity's default DNS on someone else's network).

      Seems to be installed and running correctly. Not quite intuitive, I wouldn't recommend it for most end-users. Your explanation of how to install is clear enough but I think you're overestimating the average users' intelligence. That's okay, as anybody who can't figure it out probably wouldn't know how to apply any other security enhancements anyway.

      Next test - VPN. I've occasionally had some DNS issues, especially when TOR'ing over a VPN in Windows. NP from my Linux desktop, but as I may have mentioned I gave it up last year, when I bought an Asus Chi-T300. Just plain too much easier to use Win10 then to get Fedora up and running right.

  29. Cut off bad payload download links in email by Anonymous Coward · · Score: 0

    Links to malicious payloads downloads are nullified in email & if done by attachments hosts cut off botnet C&C communication, effectively paralyzing it as I said, that does the rest (nullifes the malware communicating back to its handler/controller for coordination).

    APK

    P.S.=> Hosts are good security, again, see here if MY word's not good enough https://it.slashdot.org/comments.pl?sid=10205115&cid=53815959/ ... apk

    1. Re: Cut off bad payload download links in email by Anonymous Coward · · Score: 0

      Okay man. It just happens to work in that application. I can tell you this, a managed host file WILL NOT WORK FOR MY CUSTOMERS. It might be great for personal use, but as people have told you before, it won't be good for everything. Your hosts file manager is a hammer and you seem to think that every networked application is a nail. I make proof of concept projects for the hell of it all the time. I like hacking stuff together for the sake of it. Just to see if I can do it. Sometimes it is nothing more than an amusement to me. Sometimes it's useful for work later. I'm under no delusions that everybody or anybody will ever have a legit use for a lot of it. I can appreciate your zeal, but your hosts manager squarely falls into a novelty category for use cases. By all means put out it there. Just know spamming Slashdot isn't going to win you any favor with it. Maybe start new projects and see if something else sticks.

  30. I would sell this insurance ... by cowtamer · · Score: 1

    ... only after having the company agree to a regular audit of its backup systems, and ensuring automated redundant backups of crucial data...

  31. I already have ransomware insurance by Anonymous Coward · · Score: 0

    It's called "Time Machine". Also it's called periodically burning things to optical media just in case of catastrophic loss. It's also called not using Misrofuck Shitblows. I have yet to have this problem. One, I use UNIX, two, I back things up automatically and routinely, and three, I back things up manually to a different device. Also, I don't run programs or open random shit I find laying around on the intertyubes.

    This insurance costs exactly the same as the insurance I pay against disc crashes, power surges, break-ins, (not all backups are stored in the same place,) so not that I want to invite someone to try, because why invite that kind of annoyance, that's all it would be. Annoyance.

    (changes all passwords...)

  32. You have got such a nice computer there... by ruir · · Score: 1

    Now if something would happen to it...;) I have already insurance against malware, got a Mac, a GhostBSD and a Linux at home, and at work all my servers are Linux and FreeBSD, thank you.

  33. And keep the keys by DrYak · · Score: 1

    (and keep the cryptographic keys, just in case backups fail)

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  34. It's not coming, been here for years by acoustix · · Score: 1

    This isn't a new thing. It's been around for a while.

    And it's not just about paying the ransom. The ransom is usually a very small amount of money in the whole scheme of things. It's about being able to conduct business like paying your vendors and employees while your system is down.

    --
    "A plan fiendishly clever in its intricacies"- Homer Simpson
  35. U prove APK Hosts File Engine = safe & works by Anonymous Coward · · Score: 0

    "I'm going to give it a shot - this time, on physical hardware in daily use instead of sandboxed in a carefully managed VM (having already confirmed in the VM that it doesn't do anything schiesty) - by mmell (832646) on Monday February 13, 2017 @09:22PM (#53862413)

    As you see, APK Hosts File Engine IS completely safe & performs as I stated:

    "So far it's done what I would want. So far, no downside. Page load times are predictably much better. Seems to be installed and running correctly" - by mmell (832646) on Tuesday February 14, 2017 @12:02AM (#53863115)

    Thanks for testing. Enjoy the program & faster/safer online experiences.

    APK

    P.S.=> Onwards & UPWARDS... apk

  36. Not advertising: I tell truths by Anonymous Coward · · Score: 0

    See my subject: Proof you substantiated testing my program is safe 1st in a VM & then that it works w/out it https://news.slashdot.org/comments.pl?sid=10240595&cid=53865387/

    Your opinion on its intuitiveness is purely arbitrary. Other /.ers disagree https://it.slashdot.org/comments.pl?sid=10221475&cid=53831639/ & https://it.slashdot.org/comments.pl?sid=10221475&cid=53831653/

    As far as how it works, it comes FULLY DOCUMENTED in its readme tab & .txt files it ships with.

    * Your DNS issues in Windows MAY be the faulty w/ hosts files slower usermode clientside dnscache service (it's broken in a few ways & remote DNS is LOADED w/ security & inefficiency issues galore https://news.slashdot.org/comments.pl?sid=9007355&threshold=-1&commentsort=0&mode=thread&pid=51969075/ ).

    APK

    P.S.=> I imply nothing. I merely state facts. It's all any product needs to be successful so I stick by it & it's yet to do me wrong... apk

  37. I''ve NEVER ONCE said "hosts do all" by Anonymous Coward · · Score: 0

    See my subject & a conversation w/ mmell here (ask hairyfeet or BarbaraHudson - they tried what you are now & failed (years ago))!

    Show me where I have said i.e. "hosts do everything under the sun" (I never once have - I only say they do far more for far less on many levels, natively, vs. ANY other SINGLE "so-called 'competitor'" does, & minus their bloating ineffieciency & security issues (dns/antivirus/addons that are paid off to NOT work fully by default)).

    Just know spamming Slashdot isn't going to win you any favor with it

    Many /.ers disagree w/ you (including mmell now) https://it.slashdot.org/comments.pl?sid=10221475&cid=53831639/ & https://it.slashdot.org/comments.pl?sid=10221475&cid=53831653/

    APK

    P.S.=> It's excellent in LAN/WAN settings too (a domainwide admin can easily migrate hosts to any Server or PC endpoint using scripts he runs manually, or on timed chronjobs/windows scheduled tasks, or logon/startup scripts)... apk

  38. How does insurance work? by jbmartin6 · · Score: 1

    I think you can expect that the insurance carrier will require certain measures to be in place, especially reliable and tested backups. They aren't going to insure you against ransomware per se, they will only cover any losses incurred while restoring, or something similar. And it will have to be direct, quantifiable losses, such as cost of recalling tapes from storage. If you somehow found a carrier willing to insure you against enormous undefined losses due to your own failures, you can bet the premiums will be far higher than the cost of the backups.

    --
    This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
  39. worst ransomware by Anonymous Coward · · Score: 0

    The worst ransomware is what has euphemistically come to be called "medical care."

  40. Best protection vs. ransomware? by Anonymous Coward · · Score: 0

    Prevention = best medicine (& what you can't touch can't hurt you) via NEW APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/

    Ads & malware rob speed/security/privacy

    Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).

    Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!

    Avoids DNSChangers in routers/IP settings & dns redirects (99.999% of ISP DNS != patched vs. it) + lightens DNS load & resolves faster from local system RAM!

    * Via what you NATIVELY have built into the TCP/IP stack in FASTER kernelmode!

    APK

    P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/

  41. Sure hosts do vs. DDoS/botnets etc. by Anonymous Coward · · Score: 0

    See my subject: By stopping it inside of networks by preventing users becoming accomplices enslaved in a botnet for DDoS attacks for example by blocking out the ability to obtain client malware that makes them enslaved 'zombie' system.

    Hosts also prevents the same malwares for enslavement from talking back to their Command & Control/C&C servers as well, making said malware a 'zombie' itself.

    APK

    P.S.=> Small minded people like these security experts who say hosts = good security? See here https://it.slashdot.org/commen... 5959/ there's 8 of them right there, well-known security pros, who say COMPLETELY the opposite of what you do... apk

  42. Linux ? by LienRag · · Score: 1

    Yes, backup is good, but Ransomware should not be able to operate on a good Linux OS : so, how to foolproof one's Linux distro?
    NoScript is good for preventing webexploits, but if one wants to surf the Net, at least some javascript must be allowed: what happens if one of these supposedly benign script is in fact malicious?
    They shouldn't be able to touch the root files IIUC, nor to install a ransomware, but what prevents them to encrypt the /home partition?
    I've heard of an escalation exploit in X, but don't know much more about it: is it something that one should fret about? Is there a way to protect one's system against it?

    KillDisk apparently targets Linux now, but I couldn't find an explanation on HOW he manages to do that; the best I could find was an allusion to the fact that it cannot infect a Linux by itself but runs on already infected linuxes... Is that true?