Would you rather: 1) Have your vulnerable systems taken offline w/o warning by whitehat (with note on how to patch) 2) Get crypto-ransom
My point exactly: would you rather have your service offline to protect it while you fix it or offline until you pay up and fix it?
-
-
That is assuming you can find out how they got in - if you don't you can expect another visit soon.
-
Ok, in that case, I would take it offline. And I would probably temporarly replace it with a honeypot if possible.
-
But assuming you are not omnipotent (are you?), others may be aware of problems in your systems. Would you want this kind of help?
-
Assuming someone shuts down my servers, I could be clueless what happend. I probably couldn't determinate the cause/problem.
-
Unless they left messages on the system explaining what happened and how to fix it, as suggested.
-
In that case, I would be thankful for the help and wouldn't mind them shutting down the server. But I couldn't trust them.
-
Trust is not relevant: the distinction between option 1 and 2 is purely in the intend of the attacker.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.