Two-Thirds Of Companies Pay Ransomware Demands

Discussion in 'HardForum Tech News' started by HardOCP News, Sep 7, 2016.

  1. HardOCP News

    HardOCP News [H] News

    Can you guys believe this? Apparently you can't trust scumbag cybercriminals to unencrypt your files after you've paid them money. What is this world coming to?

    The majority of organizations which become infected by ransomware will give in to the demands of cybercriminals for reasons ranging from the importance of the encrypted data to the perceived low costs of ransom payments. However, some companies have discovered the hard way that cybercriminals are not to be trusted, with many only paying hackers to unencrypt their files only to find that they never get their data back.
     
  2. Canon

    Canon 2[H]4U

    What a shame... Maybe these idiot companies will learn their lesson and implement a proper backup system for their important data and stop paying ransom demands.

    I'm actually glad that these companies aren't getting their files decrypted. Maybe this will give other companies a clue that paying these demands is a really bad freaking idea...

    The high success rate of these attacks is only going to make this type of destructive/disruptive attack more prevalent...
     
  3. Armenius

    Armenius I Drive Myself to the [H]ospital

    Sometimes it's not that a company doesn't have a backup system in place, it's the fact that the backup system is kept online with the live production system. So what happens when a ransomware infection spreads? The backup gets encrypted along with everything else as it goes after all attached storage.
     
  4. AK0tA

    AK0tA Gawd

    If I were the president of the USA I would make a team of specialists to find and publicly hang all of these major cybercrims. Time to stop pussyfooting around and just hang em high.
     
  5. Armenius

    Armenius I Drive Myself to the [H]ospital

    They're already too busy fighting against encryption on another sinister front: average law abiding citizens encrypting their own personal data.
     
    Wrecked Em and AK0tA like this.
  6. Skripka

    Skripka [H]ardForum Junkie


    And when most of them aren't in the USA?
     
    MavericK likes this.
  7. schizrade

    schizrade [H]ardness Supreme

    Copious backups, not accessible via network. Offsite backups.
     
    Armenius likes this.
  8. AK0tA

    AK0tA Gawd

    Well by jove kick ass harder after all we are the U.S.A. If they can not get their subjects under control we WILL, you wanna do something about that, come at me bro.
     
  9. DocSavage

    DocSavage 2[H]4U

    Or just don't let your users have the credentials to access the backups on the network.
     
  10. piker28

    piker28 Limp Gawd

    We have been hit with it a few times. Lucky nothing was worth paying the ransom, but I can see people totally paying the fee. To touch on the backups aspect, ours replicates, so if you did not catch the ransomware early enough it can just replace the good backups and so forth.
     
  11. VIC-20

    VIC-20 Gawd

    I agree, but trying to convince your client to buy a half million dollar backup system to avoid a possible $20,000 Bitcoin ransom doesn't often fly. In Alberta, the hospitals and schools have just been paying the ransom.
     
  12. pxc

    pxc [H]ard as it Gets

    I read the title as two thirds of companies do not have a useful backup procedure. :p
     
  13. arentol

    arentol 2[H]4U

    They don't do it to avoid the Bitcoin ransom. They do it to avoid the complete and total loss of all their data through any of the dozens and dozens of ways it could happen. Immunity to Bitcoin ransoms is just a bonus that comes with having a decent backup process in place.
     
    DocSavage likes this.
  14. bigdogchris

    bigdogchris [H]ard as it Gets

    We get hit by this crap all the time but thankfully our backups are easy to restore. No matter how many times you tell people not to open attachments from people they don't know or are not expecting, they still do it.
     
  15. westrock2000

    westrock2000 [H]ardForum Junkie

    All those words you just said were synonyms for money.

    We will have none of that!
     
  16. Seelenlos

    Seelenlos [H]ard|Gawd

    This! System is only as good as the dumbest users. Several times a year we deal with people who fall for phishing emails. Only had two encrypted computers and thankfully nothing important was stored on their systems. I used to be nice about it and get them back up and running ASAP. Now I put them at the bottom of my list and add an extra day to the time it takes to fix. Maybe it will make them think a bit more in the future... probably not. :arghh:
     
    bigdogchris likes this.
  17. VIC-20

    VIC-20 Gawd

    I agree as well. But no matter how hard you sell it, or what has happened even hours away, loss prevention has always been a tough sell. That is why this stuff happens.
     
  18. nutzo

    nutzo [H]ardness Supreme

    That's why we have the CIA....
     
  19. nutzo

    nutzo [H]ardness Supreme

    Half million dollars. I support 2 offices and we have around 50TB of data to back up. The cost for a server and LTO tape changer in each office wasn't much more than the $20,000 figure.
     
  20. VIC-20

    VIC-20 Gawd

    I support over 7500 people. But I'm not arguing, I don't work in infrastructure. I just know what our 3par and Cisco server upgrades cost :)
     
  21. jardows

    jardows [H]ard|Gawd

    That's not a backup. That's a redundancy system. Who is getting paid to implement these things as backups, and how can I get in on the scam?
     
    Armenius likes this.
  22. Skripka

    Skripka [H]ardForum Junkie


    Says the country that cannot even keep a budget passed. Says the country that cannot keep people from killing one another texting and driving. About all it really can accomplish legislatively are bathroom laws.

    Yea sure. You tell the rest of the world how to bring its affairs in order...when you cannot even keep your own roads paved. You're such rugged ballsy folks, everyone should truly be in awe and admiration.
     
  23. kinjo

    kinjo [H]ard|Gawd

    We should start an international task force to track these parasites down and kill their loved ones then perforate their ear drums blind them and leave them alive and then televise it so people know the penalty.
     
  24. Gweenz

    Gweenz [H]ard|Gawd

    Let's not go Team America here. The CIA, FBI, et al are powerless against this because they have no jurisdiction over the areas where these scams originate. We have a good idea where, and even have extradition treaties with those countries. However, it is not a simple matter of the CIA flying over there and arresting people. It doesn't work that way, for the same reasons we don't allow Chinese officials to come over here and start extraditing U.S. citizens. There are many diplomatic hurdles to clear, and by the time we get past them those scammers have changed their names and locations.

    The best policy against these scams is education, awareness, and offsite backups. If data is backed up there is no reason to pay the ransom; if there is no reason to pay the ransom there is no reason to run the scam.
     
  25. hescominsoon

    hescominsoon [H]Lite

    I had a client get nailed by ransomware. It took out the NAS and the onsite USB backups. Luckily he listened to me and invested in an encrypted offsite cloud backup. Instead of losing everything it took him down for a day to redownload everything after I stripped the computers clean. I did not try to remove the malware. I slicked the machines and started over from backups...worked perfectly.
     
  26. Exavior

    Exavior [H]ardForum Junkie

    The FBI actually tells people to pay and hope for the best. And in most cases as far as I know the files do get unlocked. And it makes sense. Let's say ransomware Bob gets released, I pay and my files don't get unlocked. Now I will tell everyone I can, suddenly everyone knows that you shouldn't pay as your files will stay locked. So they normally will unlock them just to make sure others pay since they know they should get their files back. As far as not having backups: even with backups it could be cheaper to just pay. Let's say all your servers get locked. You could spend days wiping out all systems, reinstalling the base OS, restoring software and spend all that money on that, or you just pay the few grand and get your stuff back right away. It is like anything else security related, it is cheaper to just pay for a breach than it is to try to implement the best measures possible.
     
  27. bigdogchris

    bigdogchris [H]ard as it Gets

    I had a user get hit with Cryptolocker a year ago, and just the other day the same person put in a ticket about not knowing the password to a password protected Word document they received through email. So ya, some people never learn.
     
  28. Stoly

    Stoly [H]ardness Supreme

    2 of our customers were hit last year. None of them paid.
    One of them had backup the other one didn't.
    The first was back on line in a matter of hours.
    It took months for the second to recapture their inventory databases from a year old listing. They still won't do ANY BACKUP to this day.
     
  29. Babbster

    Babbster [H]ard|Gawd

    From the criminal's point of view, any contact beyond the time of payment is a huge risk with little reward. It's the same reason kidnap victims get killed even when ransoms get paid - why take a single additional chance after you get what you want?
     
  30. AK0tA

    AK0tA Gawd

    Well I do not disagree with you one bit, our political machine has been corrupted, spoiled and torn asunder. Our citizens are now a bunch of pussies willing to give away the farm so that all may be on equal ground. Our country is bought and paid for by all the big major corporations all in a giant effort to make us more like the EU and the rest of the socialist world. My comment in context was if I were the President of the USA, I would overturn the tables and whip the money changers. I agree the beatings need to start right here at home.
     
  31. Dekoth-E-

    Dekoth-E- [H]ardness Supreme

    Today I learned two-thirds of companies have incompetent IT staff.