- Nov 8, 2010
Indeed. Far from being 'dumb', the attackers are as least as smart as the SysAdmin that operate and protect the machines being attacked. They have probably been inside the Garmin servers for months, slowly increasing their system privileges, maximizing the range of files they can encrypt. They do not want to steal anything. No tracing. Get the bitcoin ransom and get out.I dont think most people understand how difficult is is to make a sever secure. To observe anything useful on the sever it must be made less secure.
If i was a hacker id create something that sits tight in the host for weeks, play the long game. Any back up less than a couple weeks old would be compromised.