Ransom ware has been one of the biggest threats that is confronting IT users at present. Many companies have found that their critical resources have been rendered useless with the ransomware encrypting the files and demanding a ransom for release of the decryption key.
It is however heartening to note that researchers at Kasparesky have recently found a way to decrypt files encrypted by CryptXXX.
The solution works if the user can produce one original unencrypted copy of a file that has been encrypted by the CryptXXX and the key can decrypt all other files of size equal to or less than the subject file used for finding the decryption key.
This means that if the file used for breaking the encryption is the largest file in the system, the entire set of encrypted files can be decrypted.
Henceforth it is therefore a security strategy to find out which is the largest file in the system and take a backup in an offline environment.
Hopefuly, at least a few can find relief from this strategy…until a new updated version of CryptXXX with a work around hits the market.
Anyway, we need to thank Kasparesky for the solution…
Naavi
Backup is one of the most essential and important control in IT/IS/Cyber Security.
If a person has the will and motivation and discipline to back up the biggest file, s/he can as well backup the whole data. Why restrict to biggest file only?
Further, biggest file may not be static, which may not change over time. Thus, dynamic biggest file also need to be backed-up periodically else the backed-up fill will not match with encrypted file. ;-))
I agree… may be concurrent back up of the largest file…and in an external media could be an add on to the normal back up policy which may be end of the day…on a network…