Advertisement

Drudge Retort: The Other Side of the News
Saturday, June 19, 2021

As ransomware attacks surge, the FBI is doubling down on its guidance to affected businesses: Don't pay the cybercriminals.

More

Comments

Admin's note: Participants in this discussion must follow the site's moderation policy. Profanity will be filtered. Abusive conduct is not allowed.

Socializing the corporate losses.

#1 | Posted by fresno500 at 2021-06-19 04:53 PM | Reply

That's not surprising. Paying an actual ransom for someone who has been kidnapped is tax deductible too.

#2 | Posted by snoofy at 2021-06-19 06:15 PM | Reply

Big business pays ransom, deducts ransom, pays less tax. Hmm go to plan B cho.

#3 | Posted by phesterOBoyle at 2021-06-20 05:32 AM | Reply

You would be amazed at how many businesses, school districts and local governments have been affected. The thing is you are only hearing about a TINY fraction. The VAST majority are not made public. It's all about protecting the insurance companies and the entities reputations. More importantly it is about the Insurance company.

There are laws about having to inform people in the event of a compromise of data. Virtually ALL these attacks compromise PII (Personally Identifiable Information) but there is no evidence it was compromised in most attacks. If you don't have evidence PII was compromised you don't have to reveal anything under most laws. What isn't talked about is the these cryptolocker malware attacks virtually all involve data exfiltration first. So they go in and download your data first, then they start locking your data. Most of these are active for extended periods of time prior to going live.

I have to bring this up again because, well the Chinese Government was involved. The Halfnium which hit over 80,000 servers in just the US in it's first few days after the hackers were aware they were found out did just this kind of thing. Hackers from the Chinese Government were launching attacks against what I am guessing were companies they saw as strategic for over 2 months prior to MS releasing patches. When the Chinese learned patches were about to be released, they went into overdrive attacking vulnerable servers - all Microsoft Exchange servers (email servers) were vulnerable. Once they were in, they could move about as they pleased if you didn't have the visibility to stop them. My company was fortunate, we were hit 4 days prior to the release but believe there was no data extraction. Evidence points to data extraction from this bulk operation started at the earliest about 8 days after compromise. We patched the first day, but once they were in it didn't matter. We have taken additional actions since this to make things more secure.

#4 | Posted by GalaxiePete at 2021-06-20 09:42 AM | Reply

Most cyber crime policies we sell include ransomware coverage.

Businesses deduct commercial insurance premiums. This is consistent.

#5 | Posted by eberly at 2021-06-20 11:16 AM | Reply

@#4 ... You would be amazed at how many businesses, school districts and local governments have been affected. The thing is you are only hearing about a TINY fraction. The VAST majority are not made public. ...

Repeat ransomware attacks hit 80% of victims who paid ransoms
searchsecurity.techtarget.com

#6 | Posted by LampLighter at 2021-06-20 11:34 AM | Reply

"Repeat ransomware attacks hit 80% of victims who paid ransoms"

Those businesses should be honored.

An 80% customer retention rate is unheard of!

#7 | Posted by snoofy at 2021-06-20 11:42 AM | Reply

Comments are closed for this entry.

Home | Breaking News | Comments | User Blogs | Stats | Back Page | RSS Feed | RSS Spec | DMCA Compliance | Privacy | Copyright 2021 World Readable

Drudge Retort