Massachusetts city tells ransomware scumbags to RYUK off, our IT staff will handle this easily

https://theregister.co.uk/2019/09/...

So someone makes offsite backups.

Did they say that before or after consulting the IT department?

Paying ransom won't help anyway. If you're hit by ransomware, you're screwed.
The best action is to prevent the attack. And the best measure is... tadaaaa... not using Windows. Up to now there is only ransomware for Windows.

@ddephor except, there's been several Linux based ransomware attacks.

I believe Lilu was the latest.

@ddephor besides that it's not true, there are more windows users thus it's targeted more. If people start using Linux as their main system then Linux will be targeted and windows would be more safe.

@Codex404 It is not true that Linux would be equally unsecure if it was more popular. The security and user management of Linux is way better than Windows. Which is not surprising, as Linux is a multi-user system from the early stages, where on Windows all that is more or less a tinkered add-on.

All Linux malware I know need a local user or a buggy userspace program. The first is dangerous, but not a usual attack vector for linux users and the latter only gains access limited to the privileges of the user running the attacked software, which limits the impact.

On Windows there are security advisories for big holes on the system/kernel level nearly every week, allowing drive-by-infections opening the whole system.

And even if it is just a buggy userspace software, it usually runs with enough privileges to severely damage the whole system.