The Tr*** Attack
Your country is burning, and only I can put out the fire. Your eyeballs are wrong,
Who copied whom here??
Two in five large UK businesses have fallen victim to a "bluff" ransomware attack, according to a new survey. "Bluff" ransomware attacks involve cybercriminals falsely claiming that malicious software has successfully infected an organisation's network before demanding an extortionate payment in return for the "encryption key …
I'd say that the ransom message was sent to some clueless management bod, who decided to pay discreetly without discussing the issue with their IT department. Either that or the IT department was crap*.
"A fool and his money..."
* either because of underfunding/understaffing (from my experience, the most common cause) or the IT dept. consisting of a bunch of noobs.
No because they reported it to the Police.
A much worse explanation is that some clueless management bod asked IT, IT said the files were fine.
But CMB then held a meeting with other managers, lawyers and digital-cyber-compliance-facilitator-resources and somebody asked who was willing to put their job on the line to guarantee that the files were fine, or should they just pay with the company's money?
All of us who remember replacing systems in 1999 that didn't have anything to do with dates, because we couldn't get a certificate from the manufacturer proving that the vacuum cleaner was Y2K compliant.
You just brought back a nightmare.
My boss paying a fortune of our limited budget (like everyone else) to have computers Y2K tested. Most of which were machines that were not networked, and had no system critical data, and were of little value. Because a bunch of executive level table decorations let themselves be panicked by a few vested interests into thinking that every bit of kit had to be Y2K compliant. Machines that could easily have been tested for free by turning them on on the 2nd January and seeing what happened.
Perhaps they're just hoping that they'll randomly get someone who has already been attacked by ransomware and will either pay the bluffers instead of the real ransomers by mistake, or simply pay twice?
Obligatory Internet conspiracy: Of course, if the bluffers were somehow to know who the targets were in advance (perhaps by having sold the mailing list to the criminals originally?) then their success rate would be a lot higher.
Either I'm totally ignorant to the level of stupidity of mankind, or there's something missing.
"Almost two-thirds (61 per cent) of targeted organisations paid out a ransom as a result..."
I'm sorry, but I can't believe that. Do you want to tell me that if I send an email to a number of (large) businesses telling them that their files are gone, less than half of them bother to actually check before paying out 5-digit sums?
There has to be another element to this type of fraud, some way in which the attackers cause the mark to believe that something actually happened (such as internal knowledge of the organisation or such.)
I know that way too many gullible people live on this planet, but not on that level.
When I read the article, for some unknown reason (;-), I was reminded of "hypnotist bank robbers".
Of course, I reckon that the notes' content is probably along the lines of "Give me the dough and you'll find your 50% in a discreet envelope pushed under your door tomorrow morning." o_0
"There has to be another element to this type of fraud, some way in which the attackers cause the mark to believe that something actually happened"
If this happened when the great Windows 10 mugging was in progress that might have been enough. Alternatively they have a real virus which renames everything with a .crypto suffix.
Melchett: Now, I've compiled a list of those with security clearance, have you got it Darling?
Darling: Yes sir.
Melchett: Read it please.
Darling: It's top security sir, I think that's all the Captain needs to know.
Melchett: Nonsense! Let's hear the list in full!
Darling: Very well sir. "List of personnel cleared for mission Gainsborough, as dictated by General C. H. Melchett: You and me, Darling, obviously. Field Marshal Haig, Field Marshal Haig's wife, all Field Marshal Haig's wife's friends, their families, their families' servants, their families' servants' tennis partners, and some chap I bumped into in the mess the other day called Bernard."
Melchett: So, it's maximum security, is that clear?
Blackadder: Quite so sir, only myself and the rest of the English-speaking world is to know.
IoT security strategy in a nutshell!