Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

From everything I read last year... as long as someone has write access to a shared network resource, your network is vulnerable.

I read about ways to detect it early with FSRM, but never tried it:

https://chrisreinking.com/stop-cryptolocker-from-hitting-win...

Experts, chime in? What is out there in 2017 (paid or not paid) as a way to protect network drives from ransomware?



The same way you protect those network drives from an employee accidentally or intentionally deleting everything.

Limited permissions work, backups work, journaling data storage systems with an ability to rollback all changes work.

In most environments nowadays I guess there's no valid reason to have a literal "network drive" - if your users don't need to wrangle terabyte-sized data blobs, most environments can afford the overhead to have the company document/file sharing to happen in some system that stores full history of changes, and where normal users can not remove that history even if they're malicious or infected with malware. Probably even Dropbox or its competitors would be sufficient for that, no need to go to the more enterprisy vendors.


Proper backup system?


Well yes that's obvious, I meant more along the lines of:

Are there any ways to detect and stop it from happening in 2017? Third party software? New group policies from MS?


Not really, ultimately if someone has write to your network drive, it's not any different than malware having it. The best solution is a good backup and protecting your hosts from being infected as much as possible.

I believe some people were trying to do rate limiting and traversal detection, which should be possible, but also is common in many tools, like running grep or find on a network share, so it's far from a perfect solution. It could also probably be avoided by clever malware if it were to be widely deployed.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: