“The trouble with ransomware right now is that it behaves like a standard application. It doesn’t require local administrator privileges, it doesn’t care if UAC is on, and most of them make use of the standard Windows API for encryption, which you can’t disable without really messing up a workstation. So, if we can’t control the behaviors, we have to make do for controlling the vectors.”
Daniel Tharp – AWS Certified Professional Systems Architect for RSI
Source: CSO ONLINE
About Daniel Tharp (from his LinkedIn’s profile):
I’ve spent over 25 years breaking computers and about 15 fixing them. I’ve done a little of everything over the years, from sysadmin and networking to PHP and C# devops, to database design and architecture, to information security and data forensics. These days I work primarily as a cloud architect, leveraging AWS and infrastructure-as-code concepts, but I’ve found that the ability to talk the same language as other teams is never a bad thing.
