Is that a ransom or are you just happy to see me? - 19

There's a better than decent chance that by now you've heard about ransomware. WannaCry, and later NotPetya, catapulted ransomware into the private consciousness. It hasn't been great for humanity at large, especially because these take advantage of unpatched systems and you tend to see unpatched systems the most in areas like government departments and hospitals and so those tend to be the places most frequently and most deeply hurt. But it has had the benefit of highlighting the importance of security, security professionals, and the standards to which we hold service providers.

Unsurprisingly where there's a problem, there tends to be a solution, and in the space between one and the other you're usually likely to find someone with a gate in front of the solution and their hand out to make sure you can pay your way to the other side of the gate. So firms have popped up in the wake of ransomware campaigns to help businesses reclaim their data without giving in to the data-nappers.

But all is not well - these firms are faking. At least two companies, and very likely more that just haven't been caught yet, have been found to actually just give in to the data-nappers rather than have any technical ability whatsoever to reclaim or salvage the data. Some fine-tuning of the wording around their services on their page may help them duck out of legal issues now that they've been caught, but these companies don't even make an effort. From the article, within minutes of being contacted by someone posing as a "victim", the company immediately reached out to the "bad actor" to negotiate an amount for the decryption key.

They managed to talk the bad actor down on the fee, which I can argue at least brings some value to the customer, except that they then turn around and ask four times the amount to which they've managed to negotiate. Often times it'll be more than the ransom and they'll try to play on a customer's desire to simply not negotiate with the bad actors.

What a sham.

You'll only receive email when Brain Buffet publishes a new post

More fromĀ Brain Buffet