Re: Can somebody explain these ransomwear attacks?

[Michael Thomas <mike () mtcc com>]

On 6/25/21 8:39 AM, Karl Auer wrote:
> On Fri, 2021-06-25 at 10:05 -0400, Tom Beecher wrote:
> > Everything can be broken, and nothing will ever be 100% secure. If
> > you strive to make sure the cost to break in is massively larger than
> > the value of what could be extracted, you'll generally be ahead of
> > the game.
> Easy to say.
>
> IMHO the only workable long-term defence is heterogeneity - supported
> by distribution, redundancy and just taking the simple things
> seriously.
>
> Business has spent the last few decades discarding heterogeneity and
> the bigger they are, the more comprehensively they have discarded it.
> Companies that are floor to ceiling and wall to wall Windows.
> Centralised updates, centralised networking, centralised storage,
> centralised ops teams, and (typically) a culture of sharing. A
> relentless prioritising of convenience over security. For goodness
> sake, even the NSA had the attitude that "if you are this side of the
> drawbridge you must be OK"!
>
> We need to start building systems that are not seamless, that are not
> highly interchangeable, that are not fully interconnected, and we have
> to include our human systems in that approach.
How does one go about that in real life? You certainly want your servers 
patched with the latest security updates. For all intents and purposes 
there is just Windows and Linux. I suppose you could throw in some 
hardware diversity with ARM or MIPS.

Routers are definitely in better shape on that front as there are lots 
of choices and at least Cisco has tons of different BU's that compete 
with each other with different software and hardware.

Mike