Can somebody explain these ransomwear attacks?
Michael Thomas
mike at mtcc.com
Fri Jun 25 17:02:03 UTC 2021
On 6/25/21 5:25 AM, Jim wrote:
> On Thu, Jun 24, 2021 at 5:41 PM Brandon Svec via NANOG <nanog at nanog.org> wrote:
>> I think a big problem may be that the ransom is actually very cost effective and probably the lowest line item cost in many of these situations where large revenue streams are interrupted and time=money (and maybe also health or life).
> Big problem that with organizations' existing Disaster Recovery DR methods --
> the time and cost to recovery from any event including downtime will
> be some amount.. likely a high one,
> and criminals' ransom demands will presumably be set as high a price
> as they think they can get --
> but still orders of magnitudes less than cost to recover / repair /
> restore, and the downtime may be less.
>
> The ransom price becomes the perceived cost of paying from the
> perspective of the
> organizations faced with the decision, But the actual cost to the
> whole world of them paying
> a ransom is much higher and will be borne by others (And/or themselves
> if they are unlucky)
> in the future, when their having paid the criminals encourages and
> causes more and more of that nefarious activity.
Well, the cost of the DR fire drill is proportionate to how automated,
etc, it is. If you think that the odds of a DR event are really low you
want to make it possible but not necessarily cheap. If it happens all of
the time, you want to optimize for speed and efficiency.
The object here is to break their business model, at least for you. Even
if you go through one DR they aren't likely to go back again rather than
finding another sucker.
Mike
More information about the NANOG
mailing list