• Orbituary
    link
    English
    145 months ago

    I work in the anti-crypto scam industry. I applaud their efforts. Ethical fuckery.

      • Orbituary
        link
        English
        55 months ago

        Quite a lot, actually. This is really a summation and not comprehensive.

        • Evaluate an environment after incident:
          • looking for IOCs, determine spread
          • Determine backup status and restore if possible
          • Return environment to healthy state (AD restore, replication, networking, etc.,)
          • Lockdown of security holes
          • Advise on best practices going forward
        • Decrypt environment if client pays ransom

        etc., etc.

        Depending on the complexity of the environment, this can take a lot of time and effort: much bigger than most internal teams are capable of doing. A client I had in Feb-Mar lasted a total of 3200 hours of work between 12 people on my team across 34 locations to unfuck the situation.

    • @jeffwOP
      link
      English
      15 months ago

      That’s… an industry?

      • Orbituary
        link
        English
        15 months ago

        See my comment in a parallel conversation to this.