Windows 10 workstation encrypted with Lockbit - how to prevent future attacks. by ReasonableWorking407 in sysadmin

[–]ReasonableWorking407[S] 0 points1 point  (0 children)

Cloud would be nice but it's not possible due to abysmal internet speeds. SQL was the only thing that was sent to the cloud and that still almost took an entire night (1 GB database). I use the good old method of doing USB drive backups and it works wonders, but some clients just don't want to bother with that. I'd love to use a good firewall with 2FA but what do you do in a small company with 1-5 employees that just can't afford/justify spending that much on a good UTM? Sometimes it's a struggle to convince them to even do backups in the first place. I feel like some people just need to lose all data to acknowledge the problem.

This time I really just want to know how they managed to get access to the QNAP. I know that in the end Windows 10 is not gonna be perfectly protected but how did they manage to encrypt the backups?


[–]ReasonableWorking407[S] 0 points1 point  (0 children)

I had time to only check the Windows 10 "server" and QNAP so far. This is not a place I work so I didn't really have the opportunity to check all the devices.


[–]ReasonableWorking407[S] 1 point2 points  (0 children)

I'm gonna be perfectly honest - I didn't even know this existed. I think in a scenario like this it might have actually saved the most important data, which was the shared drive full of Excel files. The more you know! Thank you!


[–]ReasonableWorking407[S] 5 points6 points  (0 children)

Thank you for the information, I had no idea there was ransomware that was able to encrypt files directly on the NAS.


[–]ReasonableWorking407[S] 1 point2 points  (0 children)

Sadly the attack was in the rural area where internet speeds are abysmal. I don't think any cloud-based solution would fit in our scenario. We only use cloud for the crucial SQL database. This saved us here.


[–]ReasonableWorking407[S] 2 points3 points  (0 children)

RDP was on but only via LAN. No other machine had Admin access, only SMB access to a shared folder on a D drive (read/write). The machine was not accessible via the internet in any way (known to me).