lilredrooster
lilredrooster
Joined: May 8, 2015
  • Threads: 198
  • Posts: 4552
May 14th, 2021 at 2:46:17 AM permalink
......................



to get the gas flowing in their pipeline again


criminal hackers all over the world must be jumping for joy





https://www.nytimes.com/2021/05/13/us/politics/biden-colonial-pipeline-ransomware.html?action=click&module=Top%20Stories&pgtype=Homepage




*
"𝘣𝘦𝘭𝘪𝘦𝘷𝘦 𝘩𝘢𝘭𝘧 𝘰𝘧 𝘸𝘩𝘢𝘵 𝘺𝘰𝘶 𝘴𝘦𝘦 𝘢𝘯𝘥 𝘯𝘰𝘯𝘦 𝘰𝘧 𝘸𝘩𝘢𝘵 𝘺𝘰𝘶 𝘩𝘦𝘢𝘳"______Edgar Allan Poe
onenickelmiracle
onenickelmiracle
Joined: Jan 26, 2012
  • Threads: 212
  • Posts: 8277
May 14th, 2021 at 4:50:59 AM permalink
$5 million is almost a joke. I almost posted a thread on this yesterday because I thought it was such a low number. Now they're saying they accepted such a low offer out of fear they landed on a too valuable target. They could have said 5 billion and the ransom might be feasible. If the ransom wasn't in BTC, how would they otherwise do it?
I am a robot.
SOOPOO
SOOPOO
Joined: Aug 8, 2010
  • Threads: 115
  • Posts: 8689
May 14th, 2021 at 5:04:33 AM permalink
Quote: onenickelmiracle

$5 million is almost a joke. I almost posted a thread on this yesterday because I thought it was such a low number. Now they're saying they accepted such a low offer out of fear they landed on a too valuable target. They could have said 5 billion and the ransom might be feasible. If the ransom wasn't in BTC, how would they otherwise do it?



Very bad precedent!!! My hospital was hacked and the ransom was in Bitcoin. And was maybe $100k worth? The hospital, which is owned by the county, refused to pay. The estimate was it cost $10,000,000 to return to normal. It was a nightmare for the MONTH or two it took to have access to the records/files/programs that were hacked.

I believe that you NEVER reward a criminal enterprise.
heatmap
heatmap
Joined: Feb 12, 2018
  • Threads: 202
  • Posts: 1724
May 14th, 2021 at 5:42:56 AM permalink
Quote: SOOPOO

Very bad precedent!!! My hospital was hacked and the ransom was in Bitcoin. And was maybe $100k worth? The hospital, which is owned by the county, refused to pay. The estimate was it cost $10,000,000 to return to normal. It was a nightmare for the MONTH or two it took to have access to the records/files/programs that were hacked.

I believe that you NEVER reward a criminal enterprise.



that was the IT departments fault.

they obv werent aware of what programs had what bugs and didnt keep them up to date frequently - although were talking about hackers so there is the possibility of a "zero-day"

and they dont need to pay the hackers if they have off site backups or backups in general.
DRich
DRich
Joined: Jul 6, 2012
  • Threads: 80
  • Posts: 8538
May 14th, 2021 at 6:44:02 AM permalink
Quote: heatmap





and they dont need to pay the hackers if they have off site backups or backups in general.



I don't agree with that. If you restore your backup you are still vulnerable and the hackers can immediately get back in and do it again the same way. Until you fix your systems and software you are in trouble.
Order from chaos
heatmap
heatmap
Joined: Feb 12, 2018
  • Threads: 202
  • Posts: 1724
May 14th, 2021 at 12:01:18 PM permalink
Quote: DRich

Until you fix your systems and software you are in trouble.



absolutely you need to change passwords and everything before you reconnect it but the main thing is the physical computer - if you are willing to disconnect it and take the time to do as you said you should be fine

the time is the part that gets everyone - they aint got time to lose that time workin!
DRich
DRich
Joined: Jul 6, 2012
  • Threads: 80
  • Posts: 8538
Thanks for this post from:
heatmap
May 14th, 2021 at 12:16:30 PM permalink
Quote: heatmap

absolutely you need to change passwords and everything before you reconnect it but the main thing is the physical computer - if you are willing to disconnect it and take the time to do as you said you should be fine

the time is the part that gets everyone - they aint got time to lose that time workin!



Yes, businesses are usually in too much of a hurry so they will not upgrade properly. About a month ago I had to upgrade an Oracle installation and it took six days to accomplish it. I'm talking 24 hours hours a day for six days before it finished.
Order from chaos
heatmap
heatmap
Joined: Feb 12, 2018
  • Threads: 202
  • Posts: 1724
May 14th, 2021 at 12:53:58 PM permalink
Quote: DRich

Yes, businesses are usually in too much of a hurry so they will not upgrade properly. About a month ago I had to upgrade an Oracle installation and it took six days to accomplish it. I'm talking 24 hours hours a day for six days before it finished.



Funny story about this kind of thing

In school our final project for networking security was red team blue team kind of thing

Our team was "protecting a schools data" - this was a hypotheitcal and all we had to do was make the plan for defending against the people trying to "steal the data"

Literally the first thing the teacher said was “there has never been two grades of A ever given out for this project whoever loses gets a B for the grade”

Anyways our team was so thorough to the point where we were able to get a hold of the other teams plans.

I was tasked with stealing the plans from one of the kids - funny thing is they never knew we had stolen it.

Unfortunately for me the plans were fake and it was planned all along that they were going to ransom our data

Our team had Person in the military on it that knew security in and out

We had ALMOST every facet of our building locked down

Freaking red team hacks in and ransoms our school server

Teacher gave us all As because of how thorough we were and because of how new ransom ware was at the time we never planned for it so he felt bad lol

edit im really sorry about the grammar i know im not normally that great at typing what i say but this was written on mobile in a hurry so
Last edited by: heatmap on May 14, 2021
rxwine
rxwine
Joined: Feb 28, 2010
  • Threads: 173
  • Posts: 10539
May 14th, 2021 at 1:25:44 PM permalink
It would be more interesting if the company reported they were fully up to date on security measures. I’m guessing sadly, that wasn’t the case.

Seems like if you have multi-million assets to protect, that would be a priority.
Last edited by: rxwine on May 14, 2021
The Hall of Unverified Claims is a vast place with many shelves.
Vegasrider
Vegasrider
Joined: Dec 23, 2017
  • Threads: 77
  • Posts: 827
May 14th, 2021 at 1:48:36 PM permalink
Just charge a few cents more for gas, and they have recouped that 5 mil in a matter of weeks

  • Jump to: