US PAYROLL PROVIDER GIVES IN TO RANSOMWARE DEMAND BUT GETS FAULTY DECRYPTION KEY

On 23rd February, the Krebs on Security blog carried a post about the experience of Apex Human Capital Management, which chose to pay the ransom demand and begin the process of restoring service to customers once its systems had been restored. The company took all of its systems offline and began notifying customers that it was trying to remediate a security threat. Outside security advisers agreed that paying the ransom was the fastest way to get back online, but the company declined to specify how much was paid or what strain of ransomware was responsible for the attack. However, instead of restoring all files and folders to their pre-encrypted state, the decryption process broke countless file directories and rendered many executable files inoperable. The post also includes a few tips for preventing and dealing with ransomware attacks.

https://krebsonsecurity.com/2019/02/payroll-provider-gives-extortionists-a-payday/

Author: raytodd2017

Chartered Legal Executive and former senior manager with Isle of Man Customs and Excise, where I was (amongst other things) Sanctions Officer (for UN/EU sanctions), Export Licensing Officer and Manager of the Legal-Library & Collectorate Support Section
