[talk] Suggest meeting topic: role of BSD in response to ransomware

Jesse Callaway bonsaime at gmail.com
Tue Jul 11 10:49:17 EDT 2017


On Tue, Jul 11, 2017 at 7:33 AM, Okan Demirmen <okan at demirmen.com> wrote:

> On Tue 2017.07.11 at 19:38 +0530, Sujit K M wrote:
> > On Tue, Jul 11, 2017 at 7:01 PM, James E Keenan <jkeenan at pobox.com>
> wrote:
> > > Here's a topic I wouldn't mind seeing discussed at a future NYCBUG
> meeting:
> >
> > Are you suggesting that since FreeBSD is the defacto standard in
> > Networking Routers?
>
> I don't want to distract from the question James asked, but this statement
> above is incorrect; I typically refain from responding to these, but this
> is
> just wrong.
>
> > Or Are you suggesting the High Availability to Loads that it can support?
> >
> > >
> > > Is there a role for the BSDs in response to massive ransomware attacks?
> >
> > I have never understood these attacks. I find it solely because of
> > illiterate professionals.
> > It can always be avoided.
>
> It is because the frameworks allow for it.
>
> > > In the last few months ransomware attacks such as WannaCry
> > > (https://en.wikipedia.org/wiki/WannaCry_ransomware_attack) have had a
> > > devastating effect on large organizations.  Organizations affected
> include
> > > one of the largest law firms in the country and one of the world's
> largest
> > > advertising agency networks.  Such organizations are, typically,
> "Windows
> > > shops."
> > >
> > > Suppose that you are a sysadmin or other, non-executive-level techie
> in such
> > > an organization.  You've heard about FreeBSD and OpenBSD and you
> wonder,
> > > "Would using these OSes have helped us either resist a ransomware
> attack?
> > > Could they help us recover better from such an attack?"
> >
> > I agree We are better equipped.
> >
> > >
> > > I ask because I know such people.  Their organizations have decades of
> > > investment in Windows, so, under normal circumstances, it's difficult
> for
> > > them to argue the case for other OSes.  But these are not normal
> > > circumstances.  Is there an "elevator pitch" we could provide them for
> > > exploring BSD?
> > >
> > > Thank you very much.
> > > Jim Keenan
> > >
> > > _______________________________________________
> > > talk mailing list
> > > talk at lists.nycbug.org
> > > http://lists.nycbug.org/mailman/listinfo/talk
> >
> > _______________________________________________
> > talk mailing list
> > talk at lists.nycbug.org
> > http://lists.nycbug.org/mailman/listinfo/talk
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
>


https://wikileaks.org/vault7/

Most of these exploits are Windows. It's just the easiest target. There's
certainly at least this body of "tools" one can point to, and by inference
on the art of war the bad guys doing ransomware are using similar
technology. So far all ransomware attacks I've heard of (ever) target
Windows networked storage.

I am certainly interested in how an office can use network storage without
using Windows software, in a practical manner. Would be good to hear
people's ideas on this. EG: How can you get a 20 person accounting firm to
be more secure against such an attack while having to run Quickbooks and
whatever their favorite tax software is, using shared document storage.

-- 
-jesse
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nycbug.org/pipermail/talk/attachments/20170711/eec51c83/attachment-0001.html>


More information about the talk mailing list