A grand jury in Kansas City indicted Rim Jong Hyok, accusing him of laundering ransom money and using it to fund additional cyberattacks on defense, technology and government entities around the world
The hospital paid about $100,000 in Bitcoin to get its data back.
The department said it recovered that ransom as well as a payment from a Colorado health care provider affected by the same Maui ransomware variant.
Why are people this dumb? Don’t pay ransoms. Ever. There’s no guarantee they will delete their copy, and you should have proper backups anyway (you do make backups, right?).
It worked out in this case, but it’s still an extremely stupid move.
Depending on who compromised you, paying the ransom is the smart move.
As long as the hacker group has a somewhat established name and reputation, they have more to lose from keeping a copy afterwards than to gain. Trust is like half of the business model for these groups - throwing it all away for a one-time gain isn’t the smartest move.
And while you should obviously keep a backup, in the end it might be cheaper to just pay up, especially because of potential future lawsuits should customer data be leaked.
Also, you should absolutely make sure the hackers actually have stolen data instead of merely encrypting it all with a secret key. There’s no point in paying in that case.
That’s why contacting the police is the right move, they’ll be able to investigate and determine who stole the data, or if it’s just encrypted. You can also get someone to investigate for you outside the police if you like (the police can be quite slow).
Why are people this dumb? Don’t pay ransoms. Ever. There’s no guarantee they will delete their copy, and you should have proper backups anyway (you do make backups, right?).
It worked out in this case, but it’s still an extremely stupid move.
Depending on who compromised you, paying the ransom is the smart move.
As long as the hacker group has a somewhat established name and reputation, they have more to lose from keeping a copy afterwards than to gain. Trust is like half of the business model for these groups - throwing it all away for a one-time gain isn’t the smartest move.
And while you should obviously keep a backup, in the end it might be cheaper to just pay up, especially because of potential future lawsuits should customer data be leaked.
Also, you should absolutely make sure the hackers actually have stolen data instead of merely encrypting it all with a secret key. There’s no point in paying in that case.
That’s why contacting the police is the right move, they’ll be able to investigate and determine who stole the data, or if it’s just encrypted. You can also get someone to investigate for you outside the police if you like (the police can be quite slow).