'If you pay, you're fuelling global organised crime'

******** Let's not forget THE ENTIRE REASON they stopped supplying fuel is because their computer systems got hacked so they couldn't see who has to pay the bill for the fuel. So they stopped supplying the fuel because they couldn't keep track of the bills. NOT BECAUSE THEY COULDN'T SUPPLY. They stopped because they wouldn't make money of it, for their own personal gain!!!!!! If they cared about the country they would have kept supplying for a week or two while the systems are down even if they don't make money off of it, and then resume as normal. They're already rich as it gets. But no. It wasn't the hackers that made em stop, they CHOSE to stop the fuel supply THEMSELVES!!!!!!!!! And now saying ******** about the country.

 

"CNA Financial Paid $40 Million in Ransom After March Cyberattack

CNA Financial Corp., among the largest insurance companies in the U.S., paid $40 million in late March to regain control of its network after a ransomware attack, according to people with knowledge of the attack, Bloomberg News reports...

The Chicago-based company paid the hackers about two weeks after a trove of company data was stolen, and CNA officials were locked out of their network..."

https://www.bloomberg.com/news/arti...-40-million-in-ransom-after-march-cyberattack

 

"Cyber insurance premiums rise as ransomware, hacks continue, GAO finds

Growing number of cybersecurity incidents has led many insurers to raise premiums and some to limit coverage in especially risky areas, such as health care and education, according to new findings from a U.S. government watchdog...

More than half of the brokers surveyed by an industry group said that their clients saw premiums increase between 10% and 30% in late 2020, the report noted...

...Insurers... reduce[d] cyber coverage limits for certain riskier industry sectors … and for public entities and to add specific limits on ransomware coverage...

The GAO study also raises the prospect that the market may be leaving behind smaller businesses that can’t afford coverage..."

https://www.cyberscoop.com/cyber-insurance-ransom-hack-payments-gao/

 

They literally have 1 purpose, to cover our damage, and they don't even do that, trying to get away from anywhere where they actually have to cover it. It's like their only goal is to make money and not to actually act as a proper insurance. Oh wait, that's how it is in the US. My bad.

 

"Exagrid pays $2.6m to Conti ransomware attackers

Backup appliance specialist hit by Conti ransomware in May with cyber criminals downloading employee and customer data, confidential contracts and source code...

Accession to the ransomware attacker’s demands was made more embarrassing when the backup appliance supplier – which makes a big play of its strengths against ransomware – accidentally deleted the decryption tool and had to ask for it again...

Negotiations continued and lasted until 13 May. All through this period, the attackers shared files with ExaGrid via Sendspace to show what they had been able to access..."

[Interesting read re: negotiations with attacker]

https://www.computerweekly.com/news/252501665/Exagrid-pays-26m-to-Conti-ransomware-attackers

 

Nope.
Also, tell me again, why is this stuff connected to the public internet?

 

Spoken like a true believer.
And, of course, if you were an employee you would gladly go to work for 2 - 3 - 4 weeks and be content about not being paid for any of that.
All the bleeding heart posts in this forum regarding this subject are [probably] from people that have never owned or operated their own business.

Ransomware has become a cost of doing business. A recent Randori survey that polled 400 security decision-makers across the US confirms that impression: among the companies that were hit by ransomware in the past two years, 47% have paid the ransom. I'm actually a little surprised by that number - I thought it would closer to 80%.

I think you'll find that their only goal is to make money. It's a business.
That's how they pay their staff - with profits.

Ransomware premiums have risen approx 30% because of the attacks we are seeing. It's the old supply and demand principal.
I would be very interested to know what your business plan is for insurance companies to "act as a proper insurance" AND also make money.

 

State Legislatures Consider Bans on Ransomware Payments
June 18, 2021
https://www.alstonprivacy.com/state-legislatures-consider-bans-on-ransomware-payments/

 

Ignorance is not a legal excuse for paying sanctioned ransomware groups
June 25, 2021
https://www.scmagazine.com/home/sec...cuse-for-paying-sanctioned-ransomware-groups/

 

Think Tank Calls for Government Review into Banning Ransom Payments
June 30, 2021
https://www.infosecurity-magazine.com/news/banning-ransom-payments/

 

"Global cyber insurance pricing spikes 32%

Global cyber insurance pricing has increased 32% as insurers continue to grapple with increasing cyber risks, according to a new report from international insurance broker Howden.

The report, titled Cyber Insurance: A Hard Reset, examines how three key factors are driving today’s cyber insurance market – rampant ransomware attacks, higher rates and changing regulations...

For US companies that decided to pay a ransom in the first quarter of 2021, the average payment was up more than 400% from FY2019. The average cost of ransomware remediation has also increased, rising to US$1.85 million this year from US$700,000 in 2020. Average remediation costs in several major markets, including the US, now exceed US$2 million, according to the report.

Insurers are also demanding more from businesses’ cyber resilience and are only willing to deploy capacity if they are satisfied by companies’ risk management frameworks, the report found..."

https://www.insurancebusinessmag.co...surance-pricing-spikes-32--report-259795.aspx

 

Australian organisations are quietly paying hackers millions in a 'tsunami of cyber crime'

https://www.abc.net.au/news/science...-paying-millions-ransomware-hackers/100291542

 

I recently spoke with a group of state legislators trying to wrap their heads around both the impact of ransomware on businesses in their communities and what they should do with regard to cyber insurance. Is the general view here (and amongst cyber security researchers) that payments simply fuel organized crime? I understand that concern but then I wonder - what are these businesses to do? Especially those that are small and defenseless?

 

Only stupid criminals continue to rob banks. There's a more surefire and untraceable way to illicit riches with ransomware.

As long as the victims pay up, cybercrime will remain profitable.

 

Well I'm sorry [not really] but I gotta larf.
Unless OpenSubtitles users are using their passwords at multiple sites who cares?
If they are then it's on them, not the website.
Because that's all the hackers got - no credit card details, no real names, no addresses, no nothing.
Take a look at the rego requirements
https://www.opensubtitles.org/en/newuser

I don't know why they even paid the ransom.

 

Agreed, but likely a good portion of them are. I get tired of telling people not to reuse passwords. And they do it anyway.