Date: Thu, 24 Mar 2016 20:58:25 +0100
From: Polytropon
To: "Brandon J. Wandersee"
Cc: questions@freebsd.org
Subject: Re: Anti-virus for FreeBSD
Message-Id: <20160324205825.2b14c0bf.freebsd@edvax.de>

On Thu, 24 Mar 2016 14:41:56 -0500, Brandon J. Wandersee wrote:
> Ransomware is probably the least
> threatening of malware out there, since it seems limited in effect and
> is thwarted by regular backups.

Interesting point of view. :-)

Here are a few impressions regarding ransomware (which I think could
be the next "big thing" especially in the industry space as well as
in the "cloud" - because it's so easy to trick users into doing
something wrong, and then they don't have any chance to avoid paying).
Especially where R&D takes place (or "corporate secrets", "new
invention", "big data of clients" etc. are vital to business
operations and how companies are perceived by the public), this
could have a _massive_ impact.

http://krebsonsecurity.com/2016/03/hospital-declares-internet-state-of-emergency-after-ransomware-infection/

http://www.reuters.com/article/us-apple-ransomware-idUSKCN0W80VX

http://www.networkworld.com/article/2906983/security0/massachusetts-police-department-pays-500-cryptolocker-ransom.html

http://www.theguardian.com/technology/2013/nov/21/us-police-force-pay-bitcoin-ransom-in-cryptolocker-malware-scam

https://securityledger.com/2015/10/fbis-advice-on-cryptolocker-just-pay-the-ransom/

http://arstechnica.com/security/2015/11/crypto-e-mail-service-pays-6000-ransom-gets-taken-out-by-ddos-anyway/

http://hothardware.com/news/sony-comes-to-a-screeching-halt-targeted-by-massive-ransomware-hack

http://arstechnica.com/security/2013/10/youre-infected-if-you-want-to-see-your-data-again-pay-us-300-in-bitcoins/

http://www.tekconn.com/news/managed-it/hackers-ransom-data-stolen-from-illinois-medical-facility/

As you mentioned "backups": What is their value when they are
permanently online and accessible (because that's sooo convenient
for the users) - and therefore get encrypted, too? ;-)

-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...