Originally published at: Ransomware: Implementing a "No Concessions" Ransomware Policy
Ransomware has emerged as a particularly relentless and disruptive force against organizations worldwide. The debate over whether to adopt a “no concessions” policy—refusing to pay ransoms to cybercriminals—mirrors long-standing discussions in counter-terrorism and hostage situations. This article aims to explore the various facets of this debate, considering ethical, legal, and strategic dimensions, and evaluating the…
Please have no hesitation to add any experiences, links or suggestions.
Users should be especially careful about open ports for file sharing. Security weaknesses in file-sharing applications such as FTP and Samba will allow ransomware infection very easily. Here are a few ways to prevent them;
- Do not open file sharing unless necessary,
- Limiting the files that the application can access when sharing files,
- Always make sure that the file-sharing app used is updated to the latest version,
- Use difficult-to-guess passwords or use private-public key pairs to prevent brute force attacks.
I’ve had ransomware infect my Samba shares before. However since I was using the Samba program in Docker and only had limited file access, I was able to detect it before it infected the entire server.