QUESTION HOW WOULD YOU EVER KNOW?
Where did the anonymous tip to the BBC come from, a security firm on one side and on the other?
Why tip off negotiations which might get the perpetrator, or a security firm double agent, caught?
Why tip off the media in the first place?
Is the tipper a whistleblower of firm wrongdoing, or a mole? Or both.
If the tipper is also a traitor firm insider, same questions.
Where did the anonymous tip to the BBC come from, a security firm on one side and on the other?
Why tip off negotiations which might get the perpetrator, or a security firm double agent, caught?
Why tip off the media in the first place?
Is the tipper a whistleblower of firm wrongdoing, or a mole? Or both.
If the tipper is also a traitor firm insider, same questions.
A leading medical-research institution working on a cure for Covid-19 has admitted it paid hackers a $1.14m (£910,000) ransom after a covert negotiation witnessed by BBC News.
The Netwalker criminal gang attacked University of California San Francisco (UCSF) on 1 June.
IT staff unplugged computers in a race to stop the malware spreading.
And an anonymous tip-off enabled BBC News to follow the ransom negotiations in a live chat on the dark web.
Cyber-security experts say these sorts of negotiations are now happening all over the world - sometimes for even larger sums - against the advice of law-enforcement agencies, including the FBI, Europol and the UK's National Cyber Security Centre.
Netwalker alone has been linked to at least two other ransomware attacks on universities in the past two months.
Brett Callow, a threat analyst at cyber-security company Emsisoft, said: "Organisations in this situation are without a good option.
"Even if they pay the demand, they'll simply receive a pinky-promise that the stolen data will be deleted.
"But why would a ruthless criminal enterprise delete data that it may be able to further monetise at a later date?"
"The constantly changing student population, combined with a culture of openness and information-sharing, can conflict with the rules and controls often needed to effectively protect the users and systems from attack."
"The constantly changing student population, combined with a culture of openness and information-sharing, can conflict with the rules and controls often needed to effectively protect the users and systems from attack."
No comments:
Post a Comment