Will Your CFO Pay Hush Money to Data Thieves?

Just as with black­mail (i.e., ran­somware), the most expe­di­ent way out of a kid­nap­ping (i.e., data theft) sit­u­a­tion appears to be “just pay the ran­som.” Sure is tempt­ing, right? Just pay $17,000 and avoid spend­ing mil­lions to clean up the mess through oth­er means. After all, that’s what Hol­ly­wood Pres­by­ter­ian Med­ical Cen­ter did. Why not you?

money pile

Unfor­tu­nate­ly, it looks like pay­ing ran­som is hap­pen­ing quite a bit these days. Accord­ing to Jere­my Kirk over at IT World:

Over the last year, com­pa­nies have at times paid more than US$1 mil­lion in hush mon­ey to cyber­at­tack­ers who have stolen their sen­si­tive data and threat­ened to release it online, said Charles Car­makal, a vice pres­i­dent with Man­di­ant, the com­put­er foren­sics unit of Fire­Eye, in an inter­view on Wednes­day.

Pay­ers of ran­soms will get the same result as if they gave the bul­ly their milk mon­ey: Reg­u­lar demands from the bul­ly every day from then on for mon­ey and (even­tu­al­ly) their friends’ mon­ey, too.

For the sake of our dig­ni­ty, and the good of our world, we can’t coop­er­ate with (cyber) bul­lies!


Please note: I reserve the right to delete comments that are offensive or off-topic.