Just as with blackmail (i.e., ransomware), the most expedient way out of a kidnapping (i.e., data theft) situation appears to be “just pay the ransom.” Sure is tempting, right? Just pay $17,000 and avoid spending millions to clean up the mess through other means. After all, that’s what Hollywood Presbyterian Medical Center did. Why not you?
Unfortunately, it looks like paying ransom is happening quite a bit these days. According to Jeremy Kirk over at IT World:
Over the last year, companies have at times paid more than US$1 million in hush money to cyberattackers who have stolen their sensitive data and threatened to release it online, said Charles Carmakal, a vice president with Mandiant, the computer forensics unit of FireEye, in an interview on Wednesday.
Payers of ransoms will get the same result as if they gave the bully their milk money: Regular demands from the bully every day from then on for money and (eventually) their friends’ money, too.
For the sake of our dignity, and the good of our world, we can’t cooperate with (cyber) bullies!