We do not negotiate with terrorists?

Fat, drunk and stupid is no way to go through life

11/15/2014 5:15:59 AM

Or do we?

Our company was hit with the Cryptowall virus and the cyber terrorists are demanding $1000 to unlock the files. I'm not an IT guy. I'm in operations, so I say in on the meetings. The majority said WE NOT PAY THE RANSOM.

If there is some guarantee that paying the random will work - I'm kind of for it. The cost of replicating the lost files far exceeds the restively small random. Of course - there is not guarantee the terrorists will send the key if we pay.

Life sucks

36 comments

Lone_Wolf
•
10 years ago
I'd pay the grand too.
Clubber
•
10 years ago
Send in Seals!
steve229
•
10 years ago
Where's Troop when you need him?
steve229
•
10 years ago
But seriously, they don't really sound like terrorists...more likely millennial entrepreneurs with a slightly outside the box business plan...besides, what's a grand in an economic boom?
Dolfan
•
10 years ago
I don't have first hand experience, but from what I've heard paying the fee does usually work. I'd toss morals/principles out of the equation and make a business decision, if the chance of recovering the files is worth the money then pay it.

The key is, making sure you learn your fucking lesson. If you pay or not, action should be taken to prevent a recurrence. I'm not saying go out and spend millions on all sorts of security software that will probably negatively impact productivity as much as it prevents risks, but impact here could be mitigated with some standard backup processes that would also protect your company from many other scenarios. Hell, the investment for reasonable backups is worth it for most individuals backing up their fucking selfies and shit, its certainly worth it for a company. If your internal IT dept can't set something like that up, there's tons of consulting services that will do it for you.
mikeya02
•
10 years ago
I thought this is one reason to back up your files on Carbonite.......or somewhere offsite
crazyjoe
•
10 years ago
Find a tall tree and a short rope
jackslash
•
10 years ago
The problem with paying the ransom is that it gives the criminals an incentive to do it again and again, whether to your company or another. I would not pay.

These are merely computer files. It is more difficult to reject ransom categorically when the hostage is a loved one, like a child or wife or favorite stripper.
sharkhunter
•
10 years ago
I'd try to coordinate a transfer with some detectives who know cyber crime to trace the money. $1000 doesn't sound like much unless they have very little to fear and do this to a lot of people. Even if they hit 50 companies, they would only have $50k to show for the crime. Hit a really big corporation, and that one company might be willing to spend a few million to beef up security and spend some of that budget going after the thieves. It might be a kid in someone's basement with little knowledge of risk versus reward. Unless they were seeking access to financial records.
rogertex
•
10 years ago
Have an admin communicate for making payment arrangements - also seeking usual assurances - getting all files back, will not occur again, etc etc
Obviously none of the assurances are worth anything - but it gives the assholes on the other side a sense that these guys are complying and just want to get the files back.

It's only a thousand bucks.

But - if you guys have IT - get them to work on re-assessing your firewalls. These should be better than a thousand-dollar asshole can break. Hire new people if needed. Next breach could be fatal.

And - as the Admin conducts the payment procedure - give her some wrong info so she stumbles and fumbles (don't tell her anything - she should appear genuine to the asshole). The re-try will definitely provide clues to the cyber-crime folks in Police Dept. I'm very sure the asshole will be caught - right in his basement. He gets max time, event gets publicised and deters bigger cyber crime down the road.

I know the feeling. It sucks more than losing wallet or cell phone. Entire businesses depend on computer data. I'd vote for death penalty for cyber terrorists - no matter what part of the world they are at.
Dougster
•
10 years ago
DOOMED!
slaux.pas
•
10 years ago
That crazyjoe retard is prolly a terrorist cuz he sent me a bunch of emails that I cant open. That retard is prolly sending me cryptology shit. So I am glad I could not open them. I am so smrt and you all are retards.
slaux.pas
•
10 years ago
Your the worst retard of all Dougster. You just repeat doomed over and over. Your a retard.
crazyjoe
•
10 years ago
^^^^ this guyn is totally doomed if he can't figure out technology. Do you work at rhe Piggly Wiggly?
crazyjoe
•
10 years ago
Slop.guy...do you know bagboyjames?
Dougster
•
10 years ago
Absolutely DOOMED!
Dougster
•
10 years ago
Those cyber terrorists ought to take some lessons from Dr Evil in how to demand real ransom. Like one miiiilioooon dollars!
san_jose_guy
•
10 years ago
Got to have good backups. This is the only real protection.

Say you pay the money, how do you know then that your computers are clean, as opposed to still having some sleepers.

I would be going to LE, and I would only pay if it somehow helped LE to track the cyberterrorists down.

SJG
Clubber
•
10 years ago
I once performed a security audit on a major hospital in my area. Of the clients on their network, over 91% of them had full administrative rights. That was internal to the hospital. I was able to enter their domain from outside without the least bit of "resistance". With that sort of control, no wonder companies get breached.

Amazingly, they didn't want to invest any funds in their security. My question was, why did they paid so much for the audit, then toss the results in the trash?
Dougster
•
10 years ago
You guys have no idea how bad things are cyber security wise.
PhantomGeek
•
10 years ago
Good luck with this, Motorhead. Like others have said, getting the police involved is probably the best thing to do. Hiring your own hacker to backtrack that kid, fry his systems, and then turn him over to the cops could be even more fun.
Otto22
•
10 years ago
I would be willing to bet that the hackers are not in the US which limits your options.
Estafador
•
10 years ago
LMAO, if your IT was smart, he'd have backed up all those files. A very dark lesson learned. It's gonna take a team of some seriously great FBI IT techs, forget your local police to do the job since it's now on Tor. Best thing to do is, contact the FBI, pay the ransom and let the feds in black handle the situation. It's already an FBI investigation anyway so you don't have a choice because more than likely, the FBI now knows you just accessed TOR. Good luck.

@Dougster Not every company can even afford $1M or else the cyber punks won't have a renewable source of income.
Dougster
•
10 years ago
Even the companies that are spending a million or several million or hundreds of million are getting hacked. Social engineering is part of it, but it's mostly about choices that were made to favor time to market over security long, long ago, or to save money. Knowing there would be problems but just eat the cost of that damage year by year rather than put long term solutions in place. A final factor is that intelligence agencies want their to be holes. I also suspect other powerful entities do as well, but now we are into conspiracy theory realm.
Estafador
•
10 years ago
Of course if your IT has ways to restore at least SOME of your information do so before paying the premium (shadowexplorer, RakhniDecryptor, etc. Shadowexplorer will probably be the only one that works but give the other a try anyway). Anyway, next time, invest some money in a backup software, constantly seperate that from the interweb (don't include it in a shared server) and recommend your idiot IT tech to get ESET NOD32, F-Share or Kaspersky. If the data isn't THAT important (I doubt that since it's a business), don't pay it and just take a dark lesson and let the feds handle it. That is of course making sure that NOBODY was watching pornography of any sort on their work stations (ESPECIALLY CHILD PORNOGRAPHY) or fucking around with TOR themselves, don't exclude the IT, he's your first suspect along with the loser employee who never speaks. Good luck
steve229
•
10 years ago
"... along with the loser employee who never speaks. "

You mean the super creepy guy who eats his lunch alone and is always trying to eavesdrop? Yeah, I'd definitely keep an eye on him
SlickSpic
•
10 years ago
Interesting how different occupations have different hazards. My co-worker was working on a transmission line and after an explosion, he has third degree burns on most of his body. He might not make it past the week, he's so fucked up. My sister and I took his kids to Knotts Berry Farm this weekend. My sister is really good friends with his wife. She got the unlucky job of explaining to their kids that their Dad might not live. My weekend has been pretty sad, to be honest.
Estafador
•
10 years ago
@steve229 yeah that one stevie

@slickspic ouch, really sorry to hear that. Hope he at least has time to see his kids once more.
SlickSpic
•
10 years ago
@Estafador-Probably not. The fact that he's alive is testament to his constitution. A transmission line is a natural gas pipeline that I can walk through. I'm sure FarmerArt has seen some similar shit.
Eagle1191
•
10 years ago
Joke Reply- You need to handle this like Les Grossman from "Tropic Thunder" topic creator.
PhantomGeek
•
10 years ago
Slick, sorry to hear that. Good luck to his family.
vincemichaels
•
8 years ago
Sometimes you must.
Clubber
•
8 years ago
motor,

I sent you a PM on the subject.
Clubber
•
8 years ago
DAMN! Another ancient thread!
vincemichaels
•
8 years ago
Well, that's the breaks, Clubber. When we've been around here forever some things are ancient.
Clubber
•
8 years ago
So, vm, just what are you implying???

You must be a member to leave a comment.Join Now

Got something to say?

Start your own discussion