If a single click on a phishing email can ruin the entire company, the blame doesn’t lie with that individual.

  • MedievalPresent
    link
    fedilink
    arrow-up
    22
    ·
    4 months ago

    While I somewhat agree, there are things even the best spam filters can’t filter and Zero-Day-CVEs that Sys-Admins can’t fix.

    On the other hand, the company should be confident in their backups, which in most cases should allow for a continuation of their activities.

    • TheKMAP@lemmynsfw.com
      link
      fedilink
      English
      arrow-up
      8
      ·
      4 months ago

      You’re forgetting all the hardening in the middle to prevent the privilege escalation that would enable mass deployment of ransomware.

    • gencha@lemm.ee
      link
      fedilink
      arrow-up
      7
      ·
      4 months ago

      Adversaries are well prepared. Go restore your cold archive from tape, petabytes worth, see how long it’ll take you. See how much data you missed before the last snapshot.

      Ransomware is no joke and nobody is actually prepared for it.