Ransomware

Leichter, Jerry leichter_jerrold at emc.com
Mon Jun 9 15:44:13 EDT 2008



On Mon, 9 Jun 2008, John Ioannidis wrote:

| Date: Mon, 09 Jun 2008 15:08:03 -0400
| From: John Ioannidis <ji at tla.org>
| To: "Leichter, Jerry" <leichter_jerrold at emc.com>
| Cc: cryptography at metzdowd.com
| Subject: Re: Ransomware
| 
| Leichter, Jerry wrote:
| > Computerworld reports:
| > 
| > http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9094818 
| > 
| 
| This is no different than suffering a disk crash.  That's what backups are
| for.
| 
| /ji
| 
| PS: Oh, backups you say.
Bontchev's comment as well.

Of course, there is one way this can be much worse than a disk crash:  A
clever bit of malware can sit there silently and encrypt files you don't
seem to be using much.  By the time it makes its ransom demands, you
may find you have to go back days or even weeks in your backups to get
valuable data back.

Even worse, targeted malware could attack your backups.  If it encrypted
the data on the way to the backup device, it could survive silently for
months, by which time encrypting the live data and demanding the
ransom would be a very credible threat.  (Since many backup programs
already offer encryption, hooking it might just involve changing the
key.  It's always so nice when your opponent provides the mechanisms
needed to attack him....)
							-- Jerry
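
A defender's check for the silent-encryption scenario described in the message above, as an added example that is not part of the original post: it compares the per-file byte entropy of two test-restored backup snapshots and flags files that turned from structured data into near-random bytes. All function names, the thresholds and the sample snapshots are constructed for illustration; `os.urandom` stands in both for ciphertext and for legitimately compressed data.

```python
import math
import os
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for constant data, close to 8.0 for random data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def build_manifest(files: dict) -> dict:
    """Record per-file entropy for one restored snapshot ({path: bytes})."""
    return {path: shannon_entropy(blob) for path, blob in files.items()}

def suspicious_changes(baseline, current, jump=2.0, ceiling=7.0):
    """Paths whose entropy rose by at least `jump` bits/byte to `ceiling` or more.

    Both thresholds are assumptions chosen for this example.
    """
    flagged = []
    for path, now in sorted(current.items()):
        before = baseline.get(path)
        if before is not None and now >= ceiling and now - before >= jump:
            flagged.append(path)
    return flagged

# Constructed sample data: an older restored snapshot and a newer one in
# which a rarely used ledger file has been replaced by random-looking bytes.
_text = b"Quarterly report: revenue, costs and notes.\n" * 200
_csv = b"id,name,amount\n" + b"".join(
    b"%d,customer,%d\n" % (i, i * 3) for i in range(500))
_jpeg_like = os.urandom(8192)  # compressed media is high-entropy in both snapshots
OLD_SNAPSHOT = {"docs/report.txt": _text, "data/ledger.csv": _csv,
                "media/photo.jpg": _jpeg_like}
NEW_SNAPSHOT = {"docs/report.txt": _text, "data/ledger.csv": os.urandom(len(_csv)),
                "media/photo.jpg": _jpeg_like}

def demo():
    return suspicious_changes(build_manifest(OLD_SNAPSHOT),
                              build_manifest(NEW_SNAPSHOT))

if __name__ == "__main__":
    print(demo())
```

The check only works on data read back from the backup medium by a path independent of the backup client, and it cannot see encryption of files that were already compressed, so it complements rather than replaces a hash comparison of files that should not have changed.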

---------------------------------------------------------------------
The Cryptography Mailing List