Would you rather: 1) Have your vulnerable systems taken offline w/o warning by whitehat (with note on how to patch) 2) Get crypto-ransom
...assuming you know all the vulnerable parts and that you can disable them without loss of functionality. This is not the case.
-
-
loosing some functionallity is still better than loosing all of it. Also, everything has some vulnerabillities.
-
My point exactly: would you rather have your service offline to protect it while you fix it or offline until you pay up and fix it?
-
That is assuming you can find out how they got in - if you don't you can expect another visit soon.
-
Ok, in that case, I would take it offline. And I would probably temporarly replace it with a honeypot if possible.
-
But assuming you are not omnipotent (are you?), others may be aware of problems in your systems. Would you want this kind of help?
-
Assuming someone shuts down my servers, I could be clueless what happend. I probably couldn't determinate the cause/problem.
-
Unless they left messages on the system explaining what happened and how to fix it, as suggested.
-
In that case, I would be thankful for the help and wouldn't mind them shutting down the server. But I couldn't trust them.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.