Pages: [1]   Go Down

Author Topic: How would a Ransomware attack to on-line apps affect your processes?  (Read 1615 times)

Alan Klein

  • Sr. Member
  • ****
  • Online Online
  • Posts: 11238
    • Flicker photos

Garmin, maker of GPS and navigation systems that require on-line connection, has been attacked.  Unless they pay a ransom, their systems won't be released to their users some of whom are pilots.  Does that make you question on-line cloud storage and photographic and other apps that operate on-line and how should you prepare for such contingencies? 

Joe Towner

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 1260
Re: How would a Ransomware attack to on-line apps affect your processes?
« Reply #1 on: July 27, 2020, 12:02:19 am »

If you have all your photos in one place, this is what you should expect.

Cloud providers have a minimal liability for data loss - at best the few bucks you paid them the last month.  Nothing beyond that.

Multiple places - a mix of local, cloud & offline storage.
Logged
t: @PNWMF

Alan Klein

  • Sr. Member
  • ****
  • Online Online
  • Posts: 11238
    • Flicker photos
Re: How would a Ransomware attack to on-line apps affect your processes?
« Reply #2 on: July 27, 2020, 08:45:14 am »

If you have all your photos in one place, this is what you should expect.

Cloud providers have a minimal liability for data loss - at best the few bucks you paid them the last month.  Nothing beyond that.

Multiple places - a mix of local, cloud & offline storage.
Users lost the ability to use Garmin on-line program required to operate their Garmin equipment.  WHat if something like that happens with Adobe PS or Lightroom operating on-line?

degrub

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 1453
Re: How would a Ransomware attack to on-line apps affect your processes?
« Reply #3 on: July 27, 2020, 10:21:18 am »

isn't the answer obvious ? you loose any service that requires internet confirmation / linkage for the period of the outage.

If you are concerned about your files, as mentioned, have secondary and tertiary backup.
Logged

Joe Towner

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 1260
Re: How would a Ransomware attack to on-line apps affect your processes?
« Reply #4 on: July 27, 2020, 01:36:39 pm »

Users lost the ability to use Garmin on-line program required to operate their Garmin equipment.  WHat if something like that happens with Adobe PS or Lightroom operating on-line?

So it wouldn't be that bad for PS/LR classic users, that is until their session times out, thus looking to the cloud to renew the license.  If it failed to renew, it would fall back to demo mode and count down 7 or 14 days.

As to how an outage like this would impact Adobe, it would be huge & horrible, but given how much they take in ($3.15Billion last quarter) their security structure & investments are significantly greater than Garmin.
Logged
t: @PNWMF

Alan Klein

  • Sr. Member
  • ****
  • Online Online
  • Posts: 11238
    • Flicker photos
Re: How would a Ransomware attack to on-line apps affect your processes?
« Reply #5 on: July 27, 2020, 03:27:30 pm »

So it wouldn't be that bad for PS/LR classic users, that is until their session times out, thus looking to the cloud to renew the license.  If it failed to renew, it would fall back to demo mode and count down 7 or 14 days.

As to how an outage like this would impact Adobe, it would be huge & horrible, but given how much they take in ($3.15Billion last quarter) their security structure & investments are significantly greater than Garmin.
So the thieves would ask for $100 million instead of $10 million.  Can you operate PS and LR if Adobe site is down?  Is there a fall back position to operate off line?

degrub

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 1453
Re: How would a Ransomware attack to on-line apps affect your processes?
« Reply #6 on: July 27, 2020, 03:52:39 pm »

yeah, we all come here and have "conversations".

Hopefully, Adobe knows something about backup strategy.  ::) :o
Logged

Joe Towner

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 1260
Re: How would a Ransomware attack to on-line apps affect your processes?
« Reply #7 on: July 27, 2020, 09:20:35 pm »

So the thieves would ask for $100 million instead of $10 million.  Can you operate PS and LR if Adobe site is down?  Is there a fall back position to operate off line?

Yes, Adobe can be down for 99 days if you're an annual payment.  If you're a monthly subscriber, after 30 days it'll bug you, and you can cancel past the message for another 69 days.  I fully expect that Adobe would be able to recreate their entire online presence in that time, even going as far as hacking their own licensing function before folks were broken. Much like there are cracks out there for bypassing the current licensing setup.

https://helpx.adobe.com/creative-cloud/kb/internet-connection-creative-cloud-apps.html
Logged
t: @PNWMF

fdisilvestro

  • Sr. Member
  • ****
  • Offline Offline
  • Posts: 1671
    • Frank Disilvestro
Re: How would a Ransomware attack to on-line apps affect your processes?
« Reply #8 on: July 28, 2020, 06:55:16 pm »

You need a physically disconnected backup, preferably 2 or more versions. Remember tapes and optical disks?

FabienP

  • Full Member
  • ***
  • Offline Offline
  • Posts: 192
Re: How would a Ransomware attack to on-line apps affect your processes?
« Reply #9 on: July 31, 2020, 04:49:47 pm »

Yes, Adobe can be down for 99 days if you're an annual payment.  If you're a monthly subscriber, after 30 days it'll bug you, and you can cancel past the message for another 69 days.  I fully expect that Adobe would be able to recreate their entire online presence in that time, even going as far as hacking their own licensing function before folks were broken. Much like there are cracks out there for bypassing the current licensing setup.

https://helpx.adobe.com/creative-cloud/kb/internet-connection-creative-cloud-apps.html

That's assuming there has been a check for both Lightroom and Photoshop the day before. I recently had the case where Photoshop wasn't started for quite some time on my laptop (second installation). I was offline when I wanted to start the application and couldn't proceed beyond the check.

For that reason I have no interest in a dependency to cloud components where there is no need for those.

Garmin Connect still won't synchronise my bike GPS tracks after about 10 days of service disruption. And it seems they paid the ransom using an intermediary (better for liability) and got valid decription keys, so that is hardly the worst case for recovery.

Cheers,
FabienP
Logged
Pages: [1]   Go Up