Alltech IT Solutions Blog

Is it Wrong to Purchase Access to Your Own Data?

Ransomware is a contender for the favorite method of attack for hackers. If you think about it, ransomware presents a no-loss situation for the attacker. Either the victim pays the ransom and the hackers laugh all the way to the bank, or the hackers move on to the next target and give them the same ultimatum.

The SamSam Scenario

The SamSam outbreak, which began in 2015 and continued until 2018, caused over $30,000,000 in damages across 200 entities, mostly because it took down a couple of important municipalities, including the cities of Atlanta and Newark, the port of San Diego, the Colorado Department of Transportation, and medical records across the nation. In the case of Newark, the ransomware hackers demanded that the victims pay up within one week using Bitcoin. After that deadline, the attackers would render the files useless.

In November of 2018, then-Deputy Attorney General Rod Rosenstein announced that two Iranian men had been indicted on fraud charges by the United States Department of Justice. They had allegedly developed the SamSam strain and carried out attacks using it. Because many of the targets were public agencies responsible for addressing disasters and other dangerous incidents, it was reasonable to assume that these actions could have led to considerable harm to innocent people. Those responsible for these threats were never apprehended.

How Some Cybersecurity Firms Pay the Ransoms

Jonathan Storfer, a former employee of Proven Data Recovery in Elmsford, New York, regularly made ransomware payments to SamSam hackers for over a year. These payments were traced by ProPublica, which found that the payments made from 2017 to 2018 went from an online wallet controlled by Proven Data, through up to 12 Bitcoin addresses, to a wallet controlled by the perpetrators. He had this to say about the incident:

“I would not be surprised if a significant amount of ransomware both funded terrorism and also organized crime… So, the question is, every time that we get hit by SamSam, and every time we facilitate a payment – and here’s where it gets really dicey – does that mean we are technically funding terrorism?”

Proven Data claims to assist ransomware victims with recovering their files using the latest technology, but according to Storfer and the FBI, the reality of the situation is that Proven Data is paying ransoms to obtain the decryption tools needed by the clients. Storfer even states that the firm had such a business-like relationship with the hackers that they would recommend victims go to Proven Data to recover their files. Sounds a little fishy, if nothing else.

Another firm, Florida-based MonsterCloud, used similar strategies, paying the ransoms without notifying victims, then adding an upcharge to the ransom payment.

But where is the money for these payments coming from? In the case of SamSam, many victims received government funding, meaning that the bill was effectively footed by the United States taxpayers.

Differing Accounts from Proven Data Recovery

Proven Data provides the following disclaimer on their website:

“[PROVEN DATA] DOES NOT CONDONE OR SUPPORT PAYING THE PERPETRATOR’S DEMANDS AS THEY MAY BE USED TO SUPPORT OTHER NEFARIOUS CRIMINAL ACTIVITY, AND THERE IS NEVER ANY GUARANTEE TO OBTAIN THE KEYS, OR IF OBTAINED, THEY MAY NOT WORK. UNFORTUNATELY, SOME CASES MAY REQUIRE THE PAYMENT OF THE DEMAND IN HOPES OF OBTAINING THE MEANS TO DECRYPT YOUR DATA. AS A LAST RESORT OPTION, [PROVEN DATA] RESERVES THE RIGHT TO PAY THE DEMAND FOR THE PURPOSE OF RESTORING BUSINESS FUNCTIONALITY AS SOON AS POSSIBLE. THE CLIENT ACKNOWLEDGES THAT THIS WILL BE AN OPTION EXPLORED BY [PROVEN DATA] IF ALL OTHER CONVENTIONAL METHODS ARE NOT POSSIBLE.”

According to the company’s chief executive, Victor Congionti, their actual operating procedures differ from this statement. If a decryption key is already available (indicating that a hacker utilized an outdated version of their attack), Proven Data defaults to paying the ransom. In fact, they are open with their clients about doing this. According to Congionti, the SamSam attackers were paid at the direction of their clients, but Proven Data ceased interactions with them upon the discovery that they were dealing with Iranian nationals.

Should Your Business Pay the Ransom?

Congionti would argue yes. In his words, “It is easy to take the position that no one should pay a ransom in a ransomware attack because such payments encourage future ransomware attacks. It is much harder, however, to take that position when it is your data that has been encrypted and the future of your company and all of the jobs of your employees are in peril. It is a classic moral dilemma.”

The Federal Bureau of Investigation’s stance on this issue seems to vary. One FBI spokesperson says that paying a ransom “encourages continued criminal activity, leads to other victimizations, and can be used to facilitate serious crimes.” However, 2015 news reports quoted an assistant special agent with the FBI’s cyber program saying that they “often advise people to just pay the ransom.”

We argue that you should never pay a cybercriminal’s ransom. We don’t know how some people sleep at night knowing that they have funded further attacks. Taking a proactive approach to network security can keep you from needing to make a payment in the first place. Furthermore, a data backup solution means that you can restore your data to a point before it was struck by a ransomware attack.

To learn more about how we can help your business keep itself safe, reach out to us at 954-628-3770.
