Reply to post: The part that worries me

Wannacry: Everything you still need to know because there were so many unanswered Qs

Alan Brown Silver badge

The part that worries me

As a large org with BYOD policies and SMB enabled (with passwords on anything writeable) is the risk of someone getting infected externally then scrambling the samba file shares despite them residing on *nixen.

Yes they're backed up every night and yes I have triggers picking up if too many SHA256 signatures change in any given file share, but the restoration time is still a hassle.

Vista has only just gone "end of life" - which means it's a sacking offence to connect one to the network here without written permission, but Win7 is still alive (barely), so there's still a risk.

Perhaps monitored canary traps/honeypots are an appropriate defence against this kind of thing.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020