Two-Thirds Of Companies Pay Ransomware Demands

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
Can you guys believe this? Apparently you can't trust scumbag cybercriminals to unencrypt your files after you've paid them money. What is this world coming to?

The majority of organizations which become infected by ransomware will give into the demands of cybercriminals for reasons ranging from the importance of the encrypted data to the perceived low costs of ransom payments. However, some companies have discovered the hard way that cybercriminals are not to be trusted, with many only paying hackers to unencrypt their files only to find that they never get their data back.
 

Canon

2[H]4U
Joined
Aug 12, 2004
Messages
2,490
What a shame... Maybe these idiot companies will learn their lesson and implement a proper backup system for their important data and stop paying ransom demands.

I'm actually glad that these companies aren't getting their files decrypted. Maybe this will give other companies a clue that paying these demands is a really bad freaking idea...

The high success rate of these attacks is only going to make this type of destructive/disruptive attack more prevalent.. .
 

Armenius

I Drive Myself to the [H]ospital
Joined
Jan 28, 2014
Messages
20,618
What a shame... Maybe these idiot companies will learn their lesson and implement a proper backup system for their important data and stop paying ransom demands.

I'm actually glad that these companies aren't getting their files decrypted. Maybe this will give other companies a clue that paying these demands is a really bad freaking idea...

The high success rate of these attacks is only going to make this type of destructive/disruptive attack more prevalent.. .
Sometimes it's not that a company doesn't have a backup system in place, it's the fact that the backup system is kept online with the live production system. So what happens when a ransomware infection spreads the backup gets encrypted along with everything else as it goes after all attached storage.
 

AK0tA

Gawd
Joined
Mar 4, 2012
Messages
813
If I were the president of the USA I would make a team of specialist to find and publicly hang all of these major cybercrim's. Time to stop pussy footing around and just hang em high.
 

Armenius

I Drive Myself to the [H]ospital
Joined
Jan 28, 2014
Messages
20,618
If I were the president of the USA I would make a team of specialist to find and publicly hang all of these major cybercrim's. Time to stop pussy footing around and just hang em high.
They're already too busy fighting against encryption on another sinister front: average law abiding citizens encrypting their own personal data.
 

Skripka

[H]ardForum Junkie
Joined
Feb 5, 2012
Messages
10,792
If I were the president of the USA I would make a team of specialist to find and publicly hang all of these major cybercrim's. Time to stop pussy footing around and just hang em high.

And when most of them aren't in the USA?
 

AK0tA

Gawd
Joined
Mar 4, 2012
Messages
813
And when most of them aren't in the USA?
Well by jove kick ass harder after all we are the U.S.A. If they can not get their subjects under control we WILL, you wanna do something about that, come at me bro.
 

piker28

Limp Gawd
Joined
Aug 2, 2007
Messages
183
We have been hit with it a few times. Lucky nothing was worth paying the ransom but I can see people totally paying the fee. To touch on the backups aspect ours replicates so if you did not catch the ransomware early enough it can just replace the good backups and so forth.
 

VIC-20

Gawd
Joined
Mar 24, 2006
Messages
988
What a shame... Maybe these idiot companies will learn their lesson and implement a proper backup system for their important data and stop paying ransom demands.

I'm actually glad that these companies aren't getting their files decrypted. Maybe this will give other companies a clue that paying these demands is a really bad freaking idea...

The high success rate of these attacks is only going to make this type of destructive/disruptive attack more prevalent.. .
I agree, but trying to convince your client to buy a half million dollar backup system to avoid a possible $20,000 Bitcoin ransom doesn't often fly. In Alberta, the hospitals and schools have just been paying the ransom.
 

pxc

[H]ard as it Gets
Joined
Oct 22, 2000
Messages
33,064
I read the title as two thirds of companies do not have a useful backup procedure. :p
 

arentol

2[H]4U
Joined
Jun 15, 2004
Messages
2,712
I agree, but trying to convince your client to buy a half million dollar backup system to avoid a possible $20,000 Bitcoin ransom doesn't often fly. In Alberta, the hospitals and schools have just been paying the ransom.
They don't do it to avoid the Bitcoin ransom. They do it to avoid the complete and total loss of all their data through any of the dozens and dozens of ways it could happen. Immunity to Bitcoin ransoms is just a bonus that comes with having a decent backup process in place.
 

bigdogchris

[H]ard as it Gets
Joined
Feb 19, 2008
Messages
17,953
We get hit by this crap all the time but thankfully our backups are easy to restore. No matter how many times you tell people not to open attachments from people they don't know or are not expecting, they still do it.
 

Seelenlos

[H]ard|Gawd
Joined
Apr 27, 2005
Messages
1,115
We get hit by this crap all the time but thankfully our backups are easy to restore. No matter how many times you tell people not to open attachments from people they don't know or are not expecting, they still do it.
This! System is only as good as the dumbest users. Several times a year we deal with people who fall for phishing emails. Only had two encrypted computers and thankfully nothing important was stored on their systems. I used to be nice about and get them back up and running asap. Now I put them at the bottom of my list and add an extra day to the time it takes to fix. Maybe it will make them think a bit more in the future.....probably not. :arghh:
 

VIC-20

Gawd
Joined
Mar 24, 2006
Messages
988
They don't do it to avoid the Bitcoin ransom. They do it to avoid the complete and total loss of all their data through any of the dozens and dozens of ways it could happen. Immunity to Bitcoin ransoms is just a bonus that comes with having a decent backup process in place.
I agree as well. But no matter how hard you sell it, or what has happened even hours away, loss prevention has always been a tough sell. That is why this stuff happens.
 

nutzo

[H]ardness Supreme
Joined
Feb 15, 2004
Messages
7,380
I agree, but trying to convince your client to buy a half million dollar backup system to avoid a possible $20,000 Bitcoin ransom doesn't often fly. In Alberta, the hospitals and schools have just been paying the ransom.
Half million dollars. I support 2 offices and we have around 50TB of data to backup. The costs for a server and TLO tape changer in each office wasn't much more than the $20,000 figure.
 

VIC-20

Gawd
Joined
Mar 24, 2006
Messages
988
Half million dollars. I support 2 offices and we have around 50TB of data to backup. The costs for a server and TLO tape changer in each office wasn't much more than the $20,000 figure.
I support over 7500 people. But I'm not arguing, I don't work in infrastructure. I just know what our 3par and Cisco server upgrades cost :)
 

jardows

[H]ard|Gawd
Joined
Jun 10, 2015
Messages
1,796
Sometimes it's not that a company doesn't have a backup system in place, it's the fact that the backup system is kept online with the live production system. So what happens when a ransomware infection spreads the backup gets encrypted along with everything else as it goes after all attached storage.
That's not a backup. That's a redundancy system. Who is getting paid to implement these things as backups, and how can I get in on the scam?
 

Skripka

[H]ardForum Junkie
Joined
Feb 5, 2012
Messages
10,792
Well by jove kick ass harder after all we are the U.S.A. If they can not get their subjects under control we WILL, you wanna do something about that, come at me bro.

Says the country that cannot even keep a budget passed. Says the country that cannot keep people from killing one another texting and driving. About all it really can accomplish legislatively are bathroom laws.

Yea sure. You tell teh rest of the world how to brings its affairs in order...when you cannot even keep your own roads paved. You're such rugged ballsy folks, everyone should truly be awe and admiration.
 

kinjo

[H]ard|Gawd
Joined
Dec 17, 2010
Messages
1,053
We should start an international task force to track these parasites down and kill their loved ones then perforate their ear drums blind them and leave them alive and then televise it so people know the penalty.
 

Gweenz

[H]ard|Gawd
Joined
Dec 18, 2003
Messages
1,216
Let's not go Team America here. The CIA, FBI, et al are powerless against this because they have no jurisdiction over the areas where these scams originate. We have a good idea where, and even have extradition treaties with those countries. However, it is not a simple matter of the CIA flying over there and arresting people. It doesn't work that way, for the same reasons we don't allow Chinese officials to come over here and start extraditing U.S. citizens. There are many diplomatic hurdles to clear, and by the time we get past them those scammers have changed their names and locations.

The best policy against these scams is education, awareness, and offsite backups. If data is backed up there is no reason to pay the ransom; if there is no reason to pay the ransom there is no reason to run the scam.
 

hescominsoon

[H]Lite
Joined
Jun 29, 2004
Messages
79
Can you guys believe this? Apparently you can't trust scumbag cybercriminals to unencrypt your files after you've paid them money. What is this world coming to?

The majority of organizations which become infected by ransomware will give into the demands of cybercriminals for reasons ranging from the importance of the encrypted data to the perceived low costs of ransom payments. However, some companies have discovered the hard way that cybercriminals are not to be trusted, with many only paying hackers to unencrypt their files only to find that they never get their data back.
I ahd a client get nailed by ransomware. It took out the NAS and the onsite usb backups. Luckily he listened to me and invested in an encrypted offsite cloud backup. Instead of loosing everything it took him down for a day to redownload everything after I stripped the computers cleaned. I did not try to remove the malware.i slicked the machines and started over form backups...worked perfectly.
 

Exavior

[H]ardForum Junkie
Joined
Dec 13, 2005
Messages
9,671
the FBI actually tells people to pay and hope for the best. And in most cases as far as I know the files do get unlocked. And it makes sense. Let's say ransomware Bob gets released, I pay and my files don't get unlocked. Now I will tell everyone I can, suddenly everyone knows that you shouldn't pay as your files will stay locked. So they normally will unlock them just to make sure others pay since they know they should get their files back. As far as not having backups. Even with backups it could be cheaper to just pay. Let's say all your servers get locked. You could spend days wiping out all systems, reinstalling the base OS, restoring software and spend all that money on that, or you just pay the few grand and get your stuff back right away. It is like anything else security related, it is cheaper to just pay for a breach than it is to try to implement the best measures possible.
 

bigdogchris

[H]ard as it Gets
Joined
Feb 19, 2008
Messages
17,953
This! System is only as good as the dumbest users. Several times a year we deal with people who fall for phishing emails. Only had two encrypted computers and thankfully nothing important was stored on their systems. I used to be nice about and get them back up and running asap. Now I put them at the bottom of my list and add an extra day to the time it takes to fix. Maybe it will make them think a bit more in the future.....probably not. :arghh:
I had a user get hit with Cryptolocker a year ago, and just the other day the same person put in a ticket about not knowing the password to a password protected Word document they received through email. So ya, some people never learn.
 

Stoly

[H]ardness Supreme
Joined
Jul 26, 2005
Messages
6,486
2 or our customers were hit last year. None of them payed.
One of them had backup the other one didn't.
The first was back on line in a matter of hours.
It took months for the second to recapture their inventory databases from a year old listing. They still won't do ANY BACKUP to this day.
 

Babbster

[H]ard|Gawd
Joined
Jan 13, 2006
Messages
1,434
From the criminal's point of view, any contact beyond the time of payment is a huge risk with little reward. It's the same reason kidnap victims get killed even when ransoms get paid - why take a single additional chance after you get what you want?
 

AK0tA

Gawd
Joined
Mar 4, 2012
Messages
813
Well I do not disagree with you one bit, our political machine has been corrupted, spoiled and torn assunder. Our citizens are now a bunch of pussies willing to give away the farm so that all may be on equal ground. Our country is bought and paid for by all the big major corporations all in a giant effort to make us more like the EU and the rest of the socialist world. My comment in context was if I were the President of the USA, I would overturn the tables and whip the money changers. I agree the beatings need to start right here at home.
 
Top