Remember the movie “Ransom” (1956, remade in 1977). The twist is when the father of the kidnapped child goes on television to announce that the money won’t be paid as ransom, but as a reward to whoever turns in the kidnapper.
I think that if enough agencies get together, this might be an alternative strategy to tracking down these bastards. I can’t imagine they spend their time entirely in the company of wholesome and upright humans, and sooner or later someone will value the reward more than their association with them.
Re: Bounty Hunters
Emotionally appealing, but how to prove that the *right* bastard has been thrown into the Moscow River?
I would have thought it was high time for governments to create an agency devoted to general cyber-defence instead of those concentrating exclusively on intelligence and military work.
If governments are willing to spend billions on the failed "War on Drugs", supposedly to protect the citizenry, you'd have thought it logical to build a civil defence and policing operation to identify, counteract, root out and nail malware scum.
They don't say what, if any, attempts were made to recover the system without paying the ransom. It's always going to be worthwhile booting a recovery disk such as TRD ( http://trinityhome.org ) and seeing if a tool such as photorec can find unencrypted copies.
That's a bit harsh, Capita aren't that bad, are they?
Knee jerk response seems to be from them "if in doubt - go more into the cloud"
There was probably a reason they didn't go fully in to begin with. The failings here don't seem to be related to the use of local storage; they're to do with the lack of protection, probably a lack of training for staff and a lack of a proper local backup.
Going to fully cloud just changes the risks, doesn't necessarily lessen them.
Moving to the cloud only changes risks
Yes... sort of.
I head up IT at an Australian not-for-profit and we were also hit by a crypto locker. As you probably know, the malware accesses any location it can (local drive; file server; USB etc.) and then runs the encryption.
What was interesting is that those with a synchronised OneDrive for Business & files stored in SharePoint (part of 365) were fine - nothing was touched.
So yes, moving to the cloud introduces its own risks (and a bigger reliance on network & its redundancies), but in the scenario of some Einstein with local admin, running ransomware, moving to the cloud is a good solution.