'If you pay, you're fuelling global organised crime'

ronjor · Jun 24, 2019

By Joe Tidy BBC Cyber-security reporter

When malicious hackers disable your business and demand a ransom, should you pay up? Many firms do out of desperation, turning to intermediaries to help broker the deal. But law enforcement says this just makes things worse.
Click to expand...

hawki · Jun 24, 2019

This morning,The Washington Post ran an opinion piece calling for a federal law forbidding the payment of ransom to hackers.

"Hackers are taking cities hostage. Here’s a way around it..."

https://www.washingtonpost.com/opin...4e6b2b46f6a_story.html?utm_term=.9de5884de293

FanJ · Jun 24, 2019

Quotes from the FAQ page of The No More Ransom project:
https://www.nomoreransom.org/en/ransomware-qa.html

If attacked, should I pay the ransom?
Click to expand...

Paying the ransom is never recommended, mainly because it does not guarantee a solution to the problem. There are also a number of issues that can go wrong accidentally. For example, there could be bugs in the malware that makes the encrypted data unrecoverable even with the right key.

In addition, if the ransom is paid, it proves to the cybercriminals that ransomware is effective. As a result, cybercriminals will continue their activity and look for new ways to exploit systems that result in more infections and more money on their accounts.
Click to expand...

ronjor · Jun 26, 2019

City ransomware attacks and huge payouts mean a once-private corporate problem has gone public

Kate Fazzini@KateFazzini 26 June 2019
Three cities have fallen victim to ransomware attacks in recent weeks, and criminals appear to be quickly pivoting to take advantage of the fact some have shown a willingness to pay six-figure ransoms.
Atlanta’s Mayor testified Tuesday on how the fallout from these attacks could be mitigated with more help from the federal level.
Cities may have been caught off guard by the attacks, but corporations have been quietly battling the problem for years.
Click to expand...

guest · Jul 7, 2019

A City Paid a Hefty Ransom to Hackers. But Its Pains Are Far From Over
July 7, 2019
https://www.nytimes.com/2019/07/07/us/florida-ransom-hack.html

Lake City, Fla., [...] The city had fallen victim to what is called a triple-threat Ryuk attack, which is usually spread through spearphishing emails.
“The most impactful was the loss of the email,” said Mike Lee, a spokesman for the police department. “That probably hit everybody in the city the hardest.”

Law enforcement officials worry that the vulnerability of cities like Lake City — and the hefty ransoms paid out in recent months — will encourage more attacks.
Mr. Lawson, of the F.B.I.’s cyber division, said the bureau’s official position was that victims should not pay ransoms. But many city officials and computer network specialists say that cities often have no choice.
“These groups are always trying to find that sweet spot: What is enough someone will consider paying but not so much that they’ll say, ‘Forget that. It’s easier to rebuild,’” said Mark A. Orlando, the chief technology officer for Raytheon Intelligence Information and Services.

It is unrealistic to think cities can maintain firm “no ransom” policies, he said. “Anyone who said that has never been in charge of a municipality that has half their services down and no choice.”
Click to expand...

guest · Jul 8, 2019

Boards paying cyber ransoms should quit
July 8, 2019
https://www.afr.com/technology/web/security/boards-paying-cyber-ransoms-should-quit-20190707-p5250n

Ransomware cases, where organisations are hit by a cyber attack and receive financial demands for the return of documents or systems, are exploding globally ... and in a disappointing number of the severe attacks, the victim organisations are responding by paying the ransom.

By authorising a ransomware payment, an executive is admitting that they have failed to adequately prepare their organisation for operations in the 21st century. The board should also be held to account.
If a ransom is paid, the board has failed to deliver on its core purpose, because if paying criminals is the only way to resume operations, then that organisation’s leaders do not practice good governance.

The ethics of making a ransomware payment is clearly troubling in itself, because you are essentially showing yourself to be the kind of organisation that would prefer to give money to criminals than commit to mature technology practices.
Click to expand...

xxJackxx · Jul 8, 2019

Instead of giving these hackers million dollar payouts they should spend the money to locate them and send a military response to their door...

ronjor · Jul 12, 2019

Mayors around the country join forces to fight hacker ransoms

By Dani Deahl@danideahl Jul 12, 2019
Twenty-two cities have been targeted in 2019 alone
Click to expand...

ronjor · Jul 15, 2019

As ransomware rages, debate heats up on response

by Rob Lever July 14, 2019
Pay or resist?
While the FBI and others warn against paying ransoms, some analysts say there is no clear answer for victims when critical data is locked.
"You have to do what's right for your organization," Falco said. "It's not the FBI's call. You might have criminal justice information, you could have decades of evidence. You have to weigh this for yourself."
Click to expand...

guest · Jul 15, 2019

xxJackxx said: ↑

Instead of giving these hackers million dollar payouts they should spend the money to locate them and send a military response to their door...
Click to expand...

Vigilantism is against the law AFAIK

xxJackxx · Jul 16, 2019

guest said: ↑

Vigilantism is against the law AFAIK
Click to expand...

A military response is not vigilantism. I was not offering to do it myself.

guest · Jul 16, 2019

xxJackxx said: ↑

A military response is not vigilantism. I was not offering to do it myself.
Click to expand...

Then, not worth the cost of deploying troops. They won't send SWAT teams because people naively click on weaponized docs. Not saying most serious cybercriminals are not so easy to locate.

xxJackxx · Jul 17, 2019

guest said: ↑

..They won't send SWAT teams because people naively click on weaponized docs. ...
Click to expand...

It's not because people clicked on docs. It's because of the people extorting millions of dollars from the people that clicked on them. In any case I was not looking to argue the point as I did not expect to be taken seriously. I assume we will just continue to let these people do whatever they want, just like the identity thieves. Maybe I should give these things a go myself as nobody seems to be bothered by it.

guest · Jul 29, 2019

Paying the ransom is a terrible idea
July 29, 2019
https://www.itweb.co.za/content/Kjlyr7wdp12Mk6am/pXnWJadMba7bjO1e

Over one third of South African IT decision-makers (35%) are on high alert and are expecting cyber-attacks on their businesses within days.
In addition, besides expecting imminent attacks, another 31% of organisations are expecting an attack within the year. Fewer than one in five IT decision-makers in SA enterprises believe themselves safe from attack in the next two years.

City Power is not alone, he says. In the US, over 20 public-sector organisations have suffered ransomware attacks this year, including City Lake, Tallahassee and Riviera Beach in Florida, Augusta in Maine, and Albany in New York.

“Paying the ransom is a terrible idea,” he adds. “Not only does it encourage this type of scourge, but there is no guarantee that cyber criminals will hand over the decryption key once the ransom is paid.”
However, many companies do end up paying, to avoid the laborious recovery of data from backups, assuming these backups are current and unaffected.
Click to expand...

ronjor · Aug 27, 2019

How insurance companies are fueling a rise in ransomware attacks

Renee Dudley for Pro Publica - 8/27/2019
Ransomware is proliferating across America, disabling computer systems of corporations, city governments, schools and police departments. This month, attackers seeking millions of dollars encrypted the files of 22 Texas municipalities. Overlooked in the ransomware spree is the role of an industry that is both fueling and benefiting from it: insurance. In recent years, cyber insurance sold by domestic and foreign companies has grown into an estimated $7 billion to $8 billion-a-year market in the US alone, according to Fred Eslami, an associate director at AM Best, a credit rating agency that focuses on the insurance industry. While insurers do not release information about ransom payments, ProPublica has found that they often accommodate attackers' demands, even when alternatives such as saved backup files may be available.
Click to expand...

ronjor · Sep 3, 2019

Do Ransomware Attackers Single Out Cyber Insurance Holders?

Mathew J. Schwartz (euroinfosec) September 3, 2019
Security Experts Express Skepticism That Criminals Would Bother
Click to expand...

ronjor · Sep 5, 2019

Taxpayers against cities paying up in ransomware attacks, says survey

By Larry Dignan for Between the Lines | September 5, 2019
The IBM and Morning Consult found that nearly 60% of respondents said they are against their local governments using tax dollars to pay ransoms.
Click to expand...

ronjor · Sep 13, 2019

Arizona Schools Provide Model for Managing Ransomware

By Kevin Townsend on September 13, 2019
On Wednesday, September 4, 2019, ransomware was discovered at Flagstaff Unified School District, Arizona. Schools were closed on Thursday and Friday of that week, but re-opened after the weekend. No ransom was paid, and only two days schooling was lost.
Click to expand...

Joxx · Sep 13, 2019

If you vote and pay taxes, you're fuelling global organised crime
Click to expand...

there

ronjor · Sep 13, 2019

Consumer ransomware insurance? You could be painting a target on us all for avaricious crims

By Gareth Corfield 13 Sep 2019
D'ya hear that, cybercrooks? $50k up for grabs.
Click to expand...

Minimalist · Sep 16, 2019

Theresa Payton argues companies are manipulating victims to avoid paying higher bills

Former CIO of the White House Theresa Payton has warned that cyber insurance companies are supporting the ransomware industry by manipulating organisations into paying to have their systems returned after a cyber attack.
Click to expand...

https://www.itpro.co.uk/ransomware/...urance-firms-for-fuelling-ransomware-industry

ronjor · Oct 3, 2019

FBI's new ransomware warning: Don't pay up, but if you do, tell us about it

By Liam Tung | October 3, 2019
The FBI is urging all ransomware victims to tell it about the attack whether they choose to pay or not.
Click to expand...

longshots · Oct 3, 2019

"The FBI is urging all ransomware victims to tell it about the attack whether they choose to pay or not"
Finally, a rational response.

xxJackxx said: ↑

they should spend the money to locate them and send a military response to their door
Click to expand...

If it's a government military response, are they not already using the FBI in trying to track them down.

Unless you're a business owner your reaction to a ransomware demand may lean to the "stay strong and refuse to pay" camp.
If you're the owner of a medium sized business, or a CEO of a major one, there is only one response - of course you will pay.
While a listed company can easily withstand the small financial hit, the smaller enterprise would be crippled if they didn't pay up.
And its workers would be out of a job.
The flow on effects of non payment can be far reaching.

It seems as is if they have finally found a way to make "kidnapping" work - and get away with it.

guest · Nov 1, 2019

Ransomware: Average Ransom Payout Increases to $41,000
November 1, 2019
https://www.databreachtoday.com/ransomware-average-ransom-payout-increases-to-41000-a-13333

For the third quarter of this year, the average ransom amount paid was $41,198, an increase of 13 percent compared to the second quarter and a nearly six-fold increase from the third quarter of 2018, according to ransomware incident response firm Coveware.

"The rate of increase has plateaued, reflecting resistance to paying by victims who are increasingly finding new ways to restore and recreate data, rather than pay," Coveware says in a new report
Coveware's findings are based on anonymized data collected from ransom payments made by its clients and clients of its business partners. "We don't publish the underlying numbers - as we are private company - but it's in the high hundreds," Coveware CEO Bill Siegel tells Information Security Media Group
Paying a Ransom: Just the Beginning
When organizations do choose to pay their ransomware attackers, there are no guarantees that they'll receive a decryption tool, or that it will work.

Just because victims receive a decryptor, however, doesn't mean they're getting all of their data back. In the third quarter, "victims who paid for a decryptor successfully decrypted 94 percent of their encrypted data," Coveware says, which was a slight improvement from the second quarter.
Click to expand...

guest · Dec 16, 2019

Should you pay Ransomware attackers? Microsoft says no
December 16, 2019
https://mspoweruser.com/should-you-pay-ransomware-attackers-microsoft-says-no/

Ransomware affects PC users big and small, with a number of municipalities recently severely hit and crippled for weeks by software which encrypts their data and demand payment to make the computing infrastructure work again. The ransomware often targets back-up systems also, making it impossible to restore to a known-good backup.

When faced with a ransom demand and with critical infrastructure and the administrative function of hundreds of thousands of people incapacitated, many cities have been tempted to pay the ransom, and some have in fact given in.
Microsoft is however clear in their advice to never give in to terrorists:

"[...] The most important thing to note is that paying cybercriminals to get a ransomware decryption key provides no guarantee that your encrypted data will be restored."
… every organization should treat a cybersecurity incident as a matter of when it will happen and not whether it will happen. Having this mindset helps an organization react quickly and effectively to such incidents when they happen.
Microsoft advises the following strategy: [...]
Click to expand...

Microsoft: Ransomware response—to pay or not to pay?

Log in or Sign up

'If you pay, you're fuelling global organised crime'

ronjor Global Moderator

hawki Registered Member

FanJ Updates Team

ronjor Global Moderator

guest Guest

guest Guest

xxJackxx Registered Member

ronjor Global Moderator

ronjor Global Moderator

guest Guest

xxJackxx Registered Member

guest Guest

xxJackxx Registered Member

guest Guest

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

Joxx Registered Member

ronjor Global Moderator

Minimalist Registered Member

ronjor Global Moderator

longshots Registered Member

guest Guest

guest Guest

Log in or Sign up

'If you pay, you're fuelling global organised crime'

ronjor Global Moderator

hawki Registered Member

FanJ Updates Team

ronjor Global Moderator

guest Guest

guest Guest

xxJackxx Registered Member

ronjor Global Moderator

ronjor Global Moderator

guest Guest

xxJackxx Registered Member

guest Guest

xxJackxx Registered Member

guest Guest

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

Joxx Registered Member

ronjor Global Moderator

Minimalist Registered Member

ronjor Global Moderator

longshots Registered Member

guest Guest

guest Guest

Useful Searches