Logicamp grid falls victim to ransomware
The Belgium-based Logicamp grid has suffered a catastrophic ransomware attack, and has lost some content due to a lack of current off-line backups.
“I know that it is unforgivable but I am alone to manage everything and I can not do more,” grid owner Didier Preudhomme told Hypergrid Business.
Logicamp is a small grid, with 160 regions and about 30 active monthly users.
He said that the grid was attacked by the Thor virus, which encrypted all the files it could find.
The grid website was damaged, he said, as were many OpenSim files.
The attackers demanded 0.9 Bitcoin, or about 650 Euros, to restore the files.
But Preudhomme said that he was not able to get the files decrypted.
“I managed to restore the grid as it was a year ago,” he said.
He’s also changed how the grid handles its backups.
“Backups are now performed automatically once a week on an external hard disk,” he said.
Ransomware that infects computers or servers and encrypts all files they can find can often reach into devices that are connected on the same network, such as storage equipment. For protection, grids should keep copies of backups in places that are completely disconnected to the main servers and check regularly to make sure that the backups are correctly stored and can be retrieved.
Individual residents can also protect themselves by requesting exports of their regions and inventories in the form of OAR and IAR files, respectively. Many grids and hosting companies offer this option, though some filter out non-exportable items first, since these files can easily be transferred to other grids or distributed to other users.