Author Topic: Cause a war over hacking.  (Read 26290 times)

0 Members and 1 Guest are viewing this topic.

Offline CNS

  • Pak'r Élitaire
  • ****
  • Posts: 36545
  • I'm Athletes
    • View Profile
Re: Cause a war over hacking.
« Reply #400 on: May 13, 2021, 04:28:19 PM »
Our govt should find the Darkside guys and hire them.

Offline wiley

  • Katpak'r
  • ***
  • Posts: 2185
    • View Profile
Re: Cause a war over hacking.
« Reply #401 on: May 13, 2021, 05:08:37 PM »
Our govt should find the Darkside guys and hire them.
Allegedly the utility to decrypt the files was so slow they had to use it in conjunction with restoring backups.

I think they paid the ransom to keep the information from getting out the hackers stole though.  At least that's how i read some things.
it's easy to be emaw when EMAW is at your doorstep - FFF

Offline Spracne

  • Point Plank'r
  • Pak'r Élitaire
  • *
  • Posts: 20946
  • Scholar/Gentleman, But Super Earthy/Organic
    • View Profile
Re: Cause a war over hacking.
« Reply #402 on: May 13, 2021, 05:56:20 PM »
Pipeline paid 5 million in crypto for the key to decrypt data (per Bloomberg)

 :curse:

FYI, this happens all the time, and 95%+ of the time businesses just quietly negotiate down and pay the ransom. There are now entire verticals dedicated to ransomware attack mitigation, including firms that specialize in negotiating the ransoms.

Offline wiley

  • Katpak'r
  • ***
  • Posts: 2185
    • View Profile
Re: Cause a war over hacking.
« Reply #403 on: May 13, 2021, 06:16:21 PM »
Pipeline paid 5 million in crypto for the key to decrypt data (per Bloomberg)

 :curse:

FYI, this happens all the time, and 95%+ of the time businesses just quietly negotiate down and pay the ransom. There are now entire verticals dedicated to ransomware attack mitigation, including firms that specialize in negotiating the ransoms.
I knew these happen all the time, but i didn't realize there were firms that do the negotiating and that there was even the possibility of negotiating down, that's bonkers.
it's easy to be emaw when EMAW is at your doorstep - FFF

Offline Spracne

  • Point Plank'r
  • Pak'r Élitaire
  • *
  • Posts: 20946
  • Scholar/Gentleman, But Super Earthy/Organic
    • View Profile
Re: Cause a war over hacking.
« Reply #404 on: May 14, 2021, 02:21:57 AM »
Pipeline paid 5 million in crypto for the key to decrypt data (per Bloomberg)

 :curse:

FYI, this happens all the time, and 95%+ of the time businesses just quietly negotiate down and pay the ransom. There are now entire verticals dedicated to ransomware attack mitigation, including firms that specialize in negotiating the ransoms.
I knew these happen all the time, but i didn't realize there were firms that do the negotiating and that there was even the possibility of negotiating down, that's bonkers.

Yup. It's a whole cottage industry, and the white hat people and black hat people become familiar with each other. Apparently there is, in fact, honor among thieves. I've heard some wild stories.

Offline MadCat

  • TIME's Person Of The Year - 2006
  • Pak'r Élitaire
  • ****
  • Posts: 13736
    • View Profile
Re: Cause a war over hacking.
« Reply #405 on: May 14, 2021, 10:00:19 AM »
Pipeline paid 5 million in crypto for the key to decrypt data (per Bloomberg)

 :curse:

FYI, this happens all the time, and 95%+ of the time businesses just quietly negotiate down and pay the ransom. There are now entire verticals dedicated to ransomware attack mitigation, including firms that specialize in negotiating the ransoms.
I knew these happen all the time, but i didn't realize there were firms that do the negotiating and that there was even the possibility of negotiating down, that's bonkers.

Yup. It's a whole cottage industry, and the white hat people and black hat people become familiar with each other. Apparently there is, in fact, honor among thieves. I've heard some wild stories.

Our CISO has been working with an IT insurance company and developing a checklist on what to do in case of such an event.  He states the government is telling people to never pay the ransom as this encourages them and you really have no guarantees on whether you will actually get anything useful in return for paying them.  He did mention there are other resources available in a case where we wanted to negotiate.

I think from an IT standpoint, the best way to mitigate this is to have good backups, but they need to have a long retention policy.  The bad guys usually don't act until they've been in your systems for 9 months already (on average).  Your recent backups will be useless if they've already been saving compromised files.

Offline wiley

  • Katpak'r
  • ***
  • Posts: 2185
    • View Profile
Re: Cause a war over hacking.
« Reply #406 on: July 06, 2021, 05:44:48 PM »
Pipeline paid 5 million in crypto for the key to decrypt data (per Bloomberg)

 :curse:

FYI, this happens all the time, and 95%+ of the time businesses just quietly negotiate down and pay the ransom. There are now entire verticals dedicated to ransomware attack mitigation, including firms that specialize in negotiating the ransoms.
I knew these happen all the time, but i didn't realize there were firms that do the negotiating and that there was even the possibility of negotiating down, that's bonkers.

Yup. It's a whole cottage industry, and the white hat people and black hat people become familiar with each other. Apparently there is, in fact, honor among thieves. I've heard some wild stories.

Our CISO has been working with an IT insurance company and developing a checklist on what to do in case of such an event.  He states the government is telling people to never pay the ransom as this encourages them and you really have no guarantees on whether you will actually get anything useful in return for paying them.  He did mention there are other resources available in a case where we wanted to negotiate.

I think from an IT standpoint, the best way to mitigate this is to have good backups, but they need to have a long retention policy.  The bad guys usually don't act until they've been in your systems for 9 months already (on average).  Your recent backups will be useless if they've already been saving compromised files.
I don't know if anyone followed this after it went down. But apparently a users access wasn't disabled after they left the company.  And credentials were aquired from a different data breach (login credentials for colonial were the same as the lets say their yahoo account).
it's easy to be emaw when EMAW is at your doorstep - FFF

Offline wiley

  • Katpak'r
  • ***
  • Posts: 2185
    • View Profile
Cause a war over hacking.
« Reply #407 on: December 13, 2021, 12:09:28 PM »
There’s a fun new vulnerability that they’re trying to take down the entire system with.

If you work in IT/Security/Dev #thoughtsandprayers

https://arstechnica.com/information-technology/2021/12/the-log4shell-zeroday-4-days-on-what-is-it-and-how-bad-is-it-really/
« Last Edit: December 13, 2021, 01:57:39 PM by wiley »
it's easy to be emaw when EMAW is at your doorstep - FFF

Offline bucket

  • Pak'r Élitaire
  • ****
  • Posts: 9524
    • View Profile
Re: Cause a war over hacking.
« Reply #408 on: December 13, 2021, 12:16:29 PM »
There’s a fun new vulnerability that they’re trying to take down the entire system with.

If you work in IT/Security/Dev #thoughtsandorayers

https://arstechnica.com/information-technology/2021/12/the-log4shell-zeroday-4-days-on-what-is-it-and-how-bad-is-it-really/


Offline wiley

  • Katpak'r
  • ***
  • Posts: 2185
    • View Profile
Re: Cause a war over hacking.
« Reply #409 on: December 13, 2021, 12:27:27 PM »
There’s a fun new vulnerability that they’re trying to take down the entire system with.

If you work in IT/Security/Dev #thoughtsandorayers

https://arstechnica.com/information-technology/2021/12/the-log4shell-zeroday-4-days-on-what-is-it-and-how-bad-is-it-really/


That’s rough ridin' great and accurate.
it's easy to be emaw when EMAW is at your doorstep - FFF