Can somebody explain these ransomwear attacks?

• Previous message (by thread): Can somebody explain these ransomwear attacks?
• Next message (by thread): Can somebody explain these ransomwear attacks?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jun 24, 2021 at 5:41 PM Brandon Svec via NANOG <nanog at nanog.org> wrote:
>
> I think a big problem may be that the ransom is actually very cost effective and probably the lowest line item cost in many of these situations where large revenue streams are interrupted and time=money (and maybe also health or life).

Big problem that with organizations' existing Disaster Recovery DR methods --
the time and cost to recovery from any event including downtime will
be some amount.. likely a high one,
and criminals' ransom demands will presumably be set as high a price
as they think they can get --
but still orders of magnitudes less than cost to recover / repair /
restore, and the downtime may be less.

The  ransom price becomes the perceived cost of paying from the
perspective of the
organizations faced with the decision,  But the actual cost to the
whole world of them paying
a ransom is much higher and will be borne by others (And/or themselves
if they are unlucky)
in the future, when their having paid the criminals encourages and
causes more and more of that nefarious activity.

I would call that a regulatory issue regarding commerce and payments
not able to be addressed by technology.

No matter how much companies can improve your DR process to cost less
for a recovery
and take less time -- a recovery is bound to still involve some
downtime and cost a large enough amount  where it
will then be possible for motivated criminals to come up with a
dollars cost improvement for a ransom that will be less than it.

I do wonder for a moment.. about companies paying ransoms: Do they
somehow manage to get
the crooks' W-9 and verify their identity, as required when an
organization makes a payment to
any 3rd party -- or do those paying ransoms somehow circumvent the
mandatory tax reporting and
witholdings,  B/c it seems like making a payment to an Unnamed /
unidentified / unverifiable party
ought to be a crime  or make the payor be considered an accomplice in
the crooks' evasion of the taxing authority?

I always think.. have the governments impose penalties, eg.
"If you make a payment for a ransom, then a penalty of  $10k plus
10000% the ransom will be due."
/ Have it be a more-severely penalized crime to send any digital
payment for a transaction above X say $1000 without the Proof of
Identity
and Physical location of all Payees -- make sure it gets enforced
strictly against anyone paying a ransom.
Make the ransoms not payable without larger repurcussions, and perhaps
the crooks will have to find a new profession.

>
> The original thought that it should be handled like standard DR and tighten up security may apply to very small businesses though where they could afford to try to ignore the ransom request and rebuild more securely hoping the criminals will move on and not come back for revenge.
>
--
-Jim

• Previous message (by thread): Can somebody explain these ransomwear attacks?
• Next message (by thread): Can somebody explain these ransomwear attacks?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]