Taking services/networks offline is common during incident response management so it might be indicative of them taking appropriate action rather than them being knocked off-line.
Let’s hope their service lives up to the marketing.
That's why I never trust "non-cloud" companies with cloud storage, because you never know if they suddenly don't want to do it anymore, or in this case get hacked because of incompetencies.
Seriously though, Fujifilm is a conglomerate and known for their pivots. If they did not reinvent themselves, they would have been joining Kodak.
In any case it should only be one of the three copies of your data.
Anecdotally, photographers, especially professional ones, take backups quite seriously. I’ve often read good blogposts written by them on how to backup your images. And I believe the 3-2-1 rule originally came from a photographer, Peter Krogh.
Having 100k employees, most of whom have admin access to their own machines (cos developers) has got to make it almost impossible to stop it happening.
What would you do to protect your company? I have limited backups but we would be done with systems down for days.
And this: https://www.usenix.org/system-administrators-code-ethics
https://docs.borgbase.com/strategy/
Also a tool like borg [1] will help you ‘do backups right’. If you’re on Windows maybe check out restic [2].
Next, make sure you patch software as unpatched software may contain vulnerabilities which can be exploited by a threat actor. Quicker is better and automating this allows audit, consistency, and expediency.
If you’re on macOS check out RansomWhere from objective-see : https://objective-see.com/products/ransomwhere.html
Educate users so they are aware of the risks of opening emails from people they do not know and how to identify potential phishing.
Various anti-malware/anti-virus software can be used in conjunction with the above but cannot be relied on by itself - defence in depth.
Also you shouldn’t feel this is all your responsibility. Try and raise this business risk with the powers that be. See if you can not only get a company mandate but also maybe obtain someone with more expertise?
These stories terrify me.
If they scare you now, just wait a few months or years until we see some massive breaches of Google, Facebook and Amazon data. It's possible the 'cloud-storage' model is a house of cards, because it may be the case that the whole thing collapses after a sufficiently high percent of the public experiences a financially-, socially- or career-devastating leak.

Good news: looks like your position makes you kind of manager yourself - you, to some degree, can influence and even demand things. And for sure your responsibility is to communicate state of business to the upper chain.
Or maybe just make critical systems off the internets :>
The problem is that ransomware will encrypt your files, rendering them useless, but they still end up in encrypted form in your backup.
How big is the company? If the company is big enough then it should really have an infrastructure manager or similar who is directly responsible for this sort of thing, rather than relying on seconding the dev team into managing IT.
When we were a team of five plus the owner and I gave up on getting time+budget to properly set up off-site backups, I ended up spending a weekend hacking together something with ssh+rsync to the machine under my desk at home for key data (the source repos, email, etc.) basically replicating what I did for my home data (backing up to an external site). I can't recommend this. It no doubt breaks many data protection rules. But I wasn't comfortable with the idea that my job would be entirely gone if the building burned down overnight and we lost what would be needed to restore operation. I was protecting me, not the company at that point. Luckily when we were in the process of being bought and due diligence audits came around, backup & DR concerns were taken a bit more seriously and I did get the time allocated to do something better.
> I have limited backups but we would be done with systems down for days.
Make a case to management that these attacks are not targeted at the big companies, they just happen to catch them in the net and we hear about them because they are big companies. The bots out there infecting sites will get into anywhere they can, and the blackmailers are more than happy to have many small marks instead of a few big ones. You are a target as much as Fuji or Garmin are. That case should list how long it would take to get operational again (refreshed infrastructure, restored data) if you paid for decryption and if you didn't (which in your case might be "it'll never happen" currently). Make a recommended plan and list what the restore time is for that if you had to rebuild everything. Break the restore time into essentials (what you need to support current clients) and everything else (what you need to continue new work and chase new clients).
Also include in your plan time to regularly test your backups and arrange some automated tests of key parts.
That, other than taking matters into your own hands in your own time which is as likely to get you slapped as it is to get you thanked, is all you can do. If they don't take these matters seriously, consider if you can get a job with a company that does (you'll have to if the worst happens anyway so consider planning this to be your personal DR plan even if you don't want to jump ship now).
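One automated backup check of the kind the reply above recommends, which also addresses the earlier point that encrypted files quietly end up in your backups: it compares two backup snapshots and flags one where a large share of known files were overwritten with ciphertext-like data or vanished, so the bad snapshot is caught before it ages out the good ones. This is an added example, not code from the thread; the function names, thresholds and sample snapshots are constructed.

```python
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: plain text sits around 4-5, ciphertext close to 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def check_snapshot(prev: dict, curr: dict, entropy_threshold: float = 7.5,
                   ratio_threshold: float = 0.3) -> dict:
    """Compare two snapshots (path -> content) and flag the newer one when
    too many previously known files turned into high-entropy blobs or went
    missing (renamed files show up as missing). New files are ignored, so
    legitimately added photos or archives do not trip the check."""
    encrypted_like = [p for p in prev if p in curr and curr[p] != prev[p]
                      and shannon_entropy(curr[p]) >= entropy_threshold]
    missing = [p for p in prev if p not in curr]
    affected = len(encrypted_like) + len(missing)
    ratio = affected / len(prev) if prev else 0.0
    return {"encrypted_like": sorted(encrypted_like),
            "missing": sorted(missing),
            "affected_ratio": ratio,
            "suspicious": ratio >= ratio_threshold}


# Constructed sample snapshots (not real data): "PREV" is ordinary source
# and mail text, "CURR" has two files overwritten with ciphertext-like
# bytes, one file gone and one legitimate low-entropy edit.
_CIPHERTEXT_LIKE = bytes(range(256)) * 4  # entropy is exactly 8.0 bits
PREV = {
    "src/main.py": b"def main():\n    print('hello')\n" * 20,
    "src/util.py": b"def add(a, b):\n    return a + b\n" * 20,
    "mail/2021-06.mbox": b"From: alice@example.com\nSubject: invoice\n" * 30,
    "docs/readme.txt": b"Restore procedure: see runbook section 3.\n" * 10,
}
CURR = dict(PREV)
CURR["src/main.py"] = _CIPHERTEXT_LIKE
CURR["src/util.py"] = _CIPHERTEXT_LIKE
del CURR["mail/2021-06.mbox"]
CURR["docs/readme.txt"] = PREV["docs/readme.txt"] + b"Updated.\n"

if __name__ == "__main__":
    print(check_snapshot(PREV, CURR))
```

Run it against the file lists of two consecutive real snapshots (borg or restic can both list and extract them) as part of the scheduled restore test.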
https://malpedia.caad.fkie.fraunhofer.de/details/win.qakbot
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclo...
No. Lots of big names will pay out ransoms, that's why it works. [0]
[0] https://heimdalsecurity.com/blog/ransomware-payouts-of-2020/