Skip to main content

I wish it became universally unacceptable both morally and legally to pay ransomware operators. Paying ransom like Colonial Pipeline supposedly did should be simply illegal and be considered something close to financing terrorism with corresponding legal consequences.

The only reason #ransomware even exists is because people are unwilling to accept their losses so they choose to pay. Every payment means more organizations and ordinary people will be hit. Also as ransomware "business" thrives and becomes more sophisticated so does ransomware protection - and consumers end up compensating the costs.

If ransomware encrypts your data you should consider them compromised and destroyed. Treat it as catastrophic failure, recover and move on.
US fuel pipeline hackers 'didn't mean to create problems'

#ransomware
Cass
Cass  
Yep, invest in preventative security.
Alexander
Alexander  
@Cass M Yes and it is getting more and more complicated. As ransomware payouts reach seven digits the attacks now are more sophisticated and often usually are planned and targeted operations. It can involve getting inside help or infiltrating organizations.

While preventative security is a must surely you know that the most companies don't operate in strict lockdown mode and if these are targeted - they will be vulnerable.
@Cass
Iron Bug
Iron Bug  
@Alexander it's like Israel does not negotiate with terrorists. because if one begin negotiations it only encourages more terrorist activities. when no negotiations are supported - no ransom, no spoil, no sense.
@Alexander
Iron Bug
Iron Bug  
ransomware attacks are typical IT terrorism. and ideally no negotiations should be attempted with attackers.
Doug Senko
Doug Senko  
You'd think they could still remember how to deliver gas and run the pipeline by hand, like they did in the old days before all this technocrap invaded..
Alexander
Alexander  
@Doug Senko Exactly.

Every time I hear about some infrastructure or industrial system being down due to ransomware or some data center fire I just facepalm.

I get that the modern equipment is complicated and computer operated but it should have damn reset button and systems themselves should have fallback plans.

One who gets the greatest blame here are manufacturers. Soon you won't be able to buy a damn printer working without network access. Activation codes, subscription checks and licensing servers are everywhere, everything calls home.

Which means it all can get hacked.
@Doug Senko
Iron Bug
Iron Bug  
@Doug Senko the problem is not automation by itself. but the security issues. I worked many years in industrial automation and I cannot get how such important object control system could have any connection with the Internet. this is unimaginable. all security and important objects usually have strict separation from any public access from the outside. and of course all important automation is always doubled by different control systems and also have emergency manual control as well.
@Doug Senko
Alexander
Alexander  
Lately ransomware operators started going after backups as well.

So some of them now have to be cold.