Probably Closer to the Norm in Ransomware Scenarios

Frequently, ransomware victims have an internal review of how they got behind the eight ball. You will almost never see those pre-legal reports, and if a report is ever released, it will be as informative as a politician.

The report from PWC following Ireland’s healthcare system ransomware attack is an enlightening, if not downright funny, read. Well, at least Kreb’s reporting of the report is funny.

One little nugget …

On Mar. 31, 2021, the HSE’s antivirus software detected the execution of two software tools commonly used by ransomware groups — Cobalt Strike and Mimikatz — on the Patient Zero Workstation. But the antivirus software was set to monitor mode, so it did not block the malicious commands.”

This is an automatically-generated Wiki post for this new topic. Any member can edit this post and use it as a summary of the topic’s highlights.

We might talk about computer back up strategies here. I bought three large USB flash drives and I back up to them on a rotating schedule. I use a program called Viceaversa that only updates the files that have been changed. I carry the latest flash drive in my pocket in case my house burns down while I’m away.


I think we need a new Technology category…