$11 Million Ransom Paid

[Bootney Lee Farnsworth]

I know nothing about these attacks and they make no sense to me. We had meat packing plants and fuel pipelines many years ago without one computer being involved or anything online.

Times have changed, as has technology and the dependence on that technology. 'Ransomware' and cyber hacking / extortion was not a 'thing' 'many years ago'. Welcome to the 21st Century.

Proper backup systems prevent all of this.

 

[Ray From Cleveland]

Companies cannot compete in a global marketplace without major ongoing investments in Information Systems, just not possible (unless you're a very small business), if you don't invest in them your competitors will and they'll kick your butt in the marketplace.

I agree with you on the "we let it control our lives way too much" part though, that's something that I worry about all the time, I also worry about the fact that individuals don't take cyber security seriously until they become a victim.

But is the reason they are not taking it seriously enough because of competition? These systems are very expensive. Any business has to recover their investments by increasing prices of their products or services.

 

[OldLady]

Sucks that this meat packing company had to pay an $11 million ransom.

Meatpacker JBS says it paid equivalent of $11 mln in ransomware attack

Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, the company's CEO said in a statement on Wednesday.

www.reuters.com

As long as these hackers can get away with it and make millions off it, why would they stop?
WHY CAN'T WE CATCH THESE SCOUNDRELS?
There needs to be a cyber defense that bites back the instant one of these things happens. Trashes their computer brains, traces a footprint directly to the hacker's door.

Oh if were only that easy! cybersecurity is a constant game of cat and mouse, the threats are ever evolving and there is never such a thing as "good enough". Cybersecurity is a big part of my job and I can tell you from first hand experience catching (i.e. finding the person responsible) an attacker is no simple feat. I've tracked attackers down to their doorstep on multiple occasions and had 2 cases that led to successful prosecution, however that took a lot of detective work (i.e. time and effort away from doing other work) and I had to turn over quite a lot of evidence to authorities, in these cases it was just an individual attacker.

The folks that pulled off this attack (as well as the recent Colonial Pipeline attack) aren't individual attackers, they're small corporations, with full support staff, they're not amateurs that don't know how to cover their tracks, VERY difficult to catch, even for major tech companies (e.g. Microsoft, Cisco, Google, etc..,) or Government Agencies (NSA, FBI, etc..,). Couple that with the fact that their targets are WAY outgunned in terms of expertise and budget and it's a very low risk, high reward proposition for these criminals.

Things are getting better, companies are now recognizing that they need to open their wallets and spend on cybersecurity (for example my annual cybersecurity budget has tripled in the last 2 years) and insurance companies are now requiring their clients to implement certain security steps (e.g. Multifactor Auth) before they'll onboard them for cyber insurance, but we still have a LONG way to go before we can start winning this war.

Thank you for what you do ! It's so important.

 

[NightFox]

Companies cannot compete in a global marketplace without major ongoing investments in Information Systems, just not possible (unless you're a very small business), if you don't invest in them your competitors will and they'll kick your butt in the marketplace.

I agree with you on the "we let it control our lives way too much" part though, that's something that I worry about all the time, I also worry about the fact that individuals don't take cyber security seriously until they become a victim.

But is the reason they are not taking it seriously enough because of competition? These systems are very expensive. Any business has to recover their investments by increasing prices of their products or services.

Actually products and services are CHEAPER thanks to Information Systems, they increase productivity at costs that are below the alternative (human labor) as well as offering a host of other competitive advantages (for example being able to easily connect with the lowest cost sources for inputs into your products/services on a global scale), that's why they're classified as investments, they're like any other labor saving machines in that regard. Cyber security outlays can be thought of as a sort of "insurance" to protect the value of those investments, similar to an investment made in fire control systems in your building to help prevent losing your investment in it to a fire.

As far as "taking it seriously enough", are you referring to cyber security?

 

[NightFox]

I know nothing about these attacks and they make no sense to me. We had meat packing plants and fuel pipelines many years ago without one computer being involved or anything online.

Times have changed, as has technology and the dependence on that technology. 'Ransomware' and cyber hacking / extortion was not a 'thing' 'many years ago'. Welcome to the 21st Century.

Proper backup systems prevent all of this.

Doesn't prevent it, you still must mitigate the damage (i.e recovery) which costs time, money, and (possibly) lost business.

It's not as simple as just performing backups, one of the first things attackers go after are backups and storage system level snapshots, so your strategy MUST include immutable offline (aka "Cybersecurity Vault") images of backups/replicas that cannot be altered by malware.

 

[Winco]

Russia ran some Facebook ads. They had nothing to do with the 2016 election.

Sucks that this meat packing company had to pay an $11 million ransom.

Meatpacker JBS says it paid equivalent of $11 mln in ransomware attack

Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, the company's CEO said in a statement on Wednesday.

www.reuters.com

As long as these hackers can get away with it and make millions off it, why would they stop?
WHY CAN'T WE CATCH THESE SCOUNDRELS?
There needs to be a cyber defense that bites back the instant one of these things happens. Trashes their computer brains, traces a footprint directly to the hacker's door.

It appears that the US has fallen behind in cyber security

Our education system and the government are at fault and must be held accountable

Thank goodness for Homeschooling.
That, according to RWI's, is the best.
But in reality, they don't learn shit at home.

 

[Winco]

how the Anti-Trump cultists characterized everything.

Nice spin.
The ONLY cult is the trump Cult.

 

[Dana7360]

Sucks that this meat packing company had to pay an $11 million ransom.

Meatpacker JBS says it paid equivalent of $11 mln in ransomware attack

Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, the company's CEO said in a statement on Wednesday.

www.reuters.com

It's all done through emails.

The only solution I can see is for business to have their email system separate from the rest of the company operations. So the operations of the business can't be disrupted by an email.

It doesn't look like private business and government are going to do much about stopping it so the only solution I can see is to have two separate systems in business.

 

[Mac-7]

Russia ran some Facebook ads. They had nothing to do with the 2016 election.

Sucks that this meat packing company had to pay an $11 million ransom.

Meatpacker JBS says it paid equivalent of $11 mln in ransomware attack

Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, the company's CEO said in a statement on Wednesday.

www.reuters.com

As long as these hackers can get away with it and make millions off it, why would they stop?
WHY CAN'T WE CATCH THESE SCOUNDRELS?
There needs to be a cyber defense that bites back the instant one of these things happens. Trashes their computer brains, traces a footprint directly to the hacker's door.

It appears that the US has fallen behind in cyber security

Our education system and the government are at fault and must be held accountable

Thank goodness for Homeschooling.
That, according to RWI's, is the best.
But in reality, they don't learn shit at home.

I did not mention home schooling so I wont defend things I havent said

Private schools that are not under the influence of the federal dept of education and the lib teachers union would be a step on the right direction

That is to say school choice which liberals strongly oppose

 

[jbrownson0831]

Sucks that this meat packing company had to pay an $11 million ransom.

Meatpacker JBS says it paid equivalent of $11 mln in ransomware attack

Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, the company's CEO said in a statement on Wednesday.

www.reuters.com

As long as these hackers can get away with it and make millions off it, why would they stop?
WHY CAN'T WE CATCH THESE SCOUNDRELS?
There needs to be a cyber defense that bites back the instant one of these things happens. Trashes their computer brains, traces a footprint directly to the hacker's door.

I don't know, maybe ask Pinochijoe.

 

[Dana7360]

Sucks that this meat packing company had to pay an $11 million ransom.

Meatpacker JBS says it paid equivalent of $11 mln in ransomware attack

Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, the company's CEO said in a statement on Wednesday.

www.reuters.com

If DJT was in the WH this doesn’t happen

It just happens on a much larger scale and they hack our government systems instead of private business for a long time before trump knew about it but didn't do much when he found out.

So trump allowed the russian intelligence agency to hack our government computers and didn't do anything about it.

Federal government breached by Russian hackers who targeted FireEye

The CEO of cybersecurity company FireEye said they appeared to be trying to steal information from government clients.

www.nbcnews.com

Suspected Russian hackers spied on U.S. Treasury emails - sources

Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury and Commerce departments, according to people familiar with the matter, adding they feared the hacks uncovered so far may be the tip of the iceberg.

www.reuters.com

 

[struth]

Sucks that this meat packing company had to pay an $11 million ransom.

Meatpacker JBS says it paid equivalent of $11 mln in ransomware attack

Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, the company's CEO said in a statement on Wednesday.

www.reuters.com

it’s sad the xiden/harris admin can’t keep us safe from cyber attacks

now the price of meat will continue to rise due to the xiden harris failure of an admin...

Oh the irony. None of you said a word when Putin helped install the idiot trump now you want Joe to fix it. Typical.

Sorry...that’s untrue. Everyone was in full support of election security measures

it was the dems that lied about a russian conspiracy hoax and distracted from the issue

 

[Ray From Cleveland]

Thank goodness for Homeschooling.
That, according to RWI's, is the best.
But in reality, they don't learn shit at home.

Tell that to my friend who has two kids in college from home school and doing great.

 

[Mac-7]

I think foreign hackers have more incentive to be hackers than most America kids have

A low standard of living is a strong motivating factor for russians and others to better themselves financially

 

[Ray From Cleveland]

Actually products and services are CHEAPER thanks to Information Systems, they increase productivity at costs that are below the alternative (human labor) as well as offering a host of other competitive advantages (for example being able to easily connect with the lowest cost sources for inputs into your products/services on a global scale), that's why they're classified as investments, they're like any other labor saving machines in that regard. Cyber security outlays can be thought of as a sort of "insurance" to protect the value of those investments, similar to an investment made in fire control systems in your building to help prevent losing your investment in it to a fire.

As far as "taking it seriously enough", are you referring to cyber security?

No, what I mean by not taking it serious enough is not doing everything possible to protect their information and controls. In other words if we at company X invest 20 million dollars in top line cyber security, isn't it better to take a chance at being hacked and having to pay 3 million to get our operations back? We would save 17 million! Of course I know nothing of what all this costs, I'm just grabbing numbers out of the air.

Working in industry I'm kind of familiar how companies think. Years ago a friend of mine told me his transportation company has a rule that every trailer must have at least 30,000 lbs of freight in them. When you're talking about freight like big screens or empty plastic containers, that's pretty hard to accomplish in those short trailers. He explained to his supervisor that he couldn't get 30,000 of freight unless he smashed everything in the trailer. The supervisor told him then that's the way you do it!

When my friend told me of this, I questioned the company policy. He said according to the pencil pushers, they gross 6 million dollars of freight every month, and have 2 million dollars of damage claims the way they do things. Now if they baby the freight then those trailers will not have 30,000 lbs of freight, and they will end up grossing 4 million dollars with about 1 million in damaged freight claims.

So I asked my friend did they ever consider the loss of customers who keep getting damaged freight from them all the time? He said there is no button on the calculator for that. They sold the company about four years ago.

 

[NightFox]

Sucks that this meat packing company had to pay an $11 million ransom.

Meatpacker JBS says it paid equivalent of $11 mln in ransomware attack

Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, the company's CEO said in a statement on Wednesday.

www.reuters.com

As long as these hackers can get away with it and make millions off it, why would they stop?
WHY CAN'T WE CATCH THESE SCOUNDRELS?
There needs to be a cyber defense that bites back the instant one of these things happens. Trashes their computer brains, traces a footprint directly to the hacker's door.

Oh if were only that easy! cybersecurity is a constant game of cat and mouse, the threats are ever evolving and there is never such a thing as "good enough". Cybersecurity is a big part of my job and I can tell you from first hand experience catching (i.e. finding the person responsible) an attacker is no simple feat. I've tracked attackers down to their doorstep on multiple occasions and had 2 cases that led to successful prosecution, however that took a lot of detective work (i.e. time and effort away from doing other work) and I had to turn over quite a lot of evidence to authorities, in these cases it was just an individual attacker.

The folks that pulled off this attack (as well as the recent Colonial Pipeline attack) aren't individual attackers, they're small corporations, with full support staff, they're not amateurs that don't know how to cover their tracks, VERY difficult to catch, even for major tech companies (e.g. Microsoft, Cisco, Google, etc..,) or Government Agencies (NSA, FBI, etc..,). Couple that with the fact that their targets are WAY outgunned in terms of expertise and budget and it's a very low risk, high reward proposition for these criminals.

Things are getting better, companies are now recognizing that they need to open their wallets and spend on cybersecurity (for example my annual cybersecurity budget has tripled in the last 2 years) and insurance companies are now requiring their clients to implement certain security steps (e.g. Multifactor Auth) before they'll onboard them for cyber insurance, but we still have a LONG way to go before we can start winning this war.

Thank you for what you do ! It's so important.

Very kind of you to say so, From my perspective I consider myself very blessed to be engaged in a field that I really enjoy and that offers constant new challenges and opportunities to learn, not to mention getting to interact with amazing professionals from all over the global.

Stay safe.

 

[NightFox]

Actually products and services are CHEAPER thanks to Information Systems, they increase productivity at costs that are below the alternative (human labor) as well as offering a host of other competitive advantages (for example being able to easily connect with the lowest cost sources for inputs into your products/services on a global scale), that's why they're classified as investments, they're like any other labor saving machines in that regard. Cyber security outlays can be thought of as a sort of "insurance" to protect the value of those investments, similar to an investment made in fire control systems in your building to help prevent losing your investment in it to a fire.

As far as "taking it seriously enough", are you referring to cyber security?

No, what I mean by not taking it serious enough is not doing everything possible to protect their information and controls. In other words if we at company X invest 20 million dollars in top line cyber security, isn't it better to take a chance at being hacked and having to pay 3 million to get our operations back? We would save 17 million! Of course I know nothing of what all this costs, I'm just grabbing numbers out of the air.

I understand what you're saying, and it is a question of risk analysis, however a successful breach can easily put a company out of business or result in severe damage to their reputation (an intangible), intellectually property or operations that can hurt their business for years. It's also not a problem that you can just throw money at, you need the expertise and executive level support to spend it effectively, the expertise and the will in C Suites to engage with that expertise are the resources that IMHO are the most lacking.

Working in industry I'm kind of familiar how companies think. Years ago a friend of mine told me his transportation company has a rule that every trailer must have at least 30,000 lbs of freight in them. When you're talking about freight like big screens or empty plastic containers, that's pretty hard to accomplish in those short trailers. He explained to his supervisor that he couldn't get 30,000 of freight unless he smashed everything in the trailer. The supervisor told him then that's the way you do it!

When my friend told me of this, I questioned the company policy. He said according to the pencil pushers, they gross 6 million dollars of freight every month, and have 2 million dollars of damage claims the way they do things. Now if they baby the freight then those trailers will not have 30,000 lbs of freight, and they will end up grossing 4 million dollars with about 1 million in damaged freight claims.

So I asked my friend did they ever consider the loss of customers who keep getting damaged freight from them all the time? He said there is no button on the calculator for that. They sold the company about four years ago.

Good analogy, thanks for sharing it!

Consider a situation where your business is under constant assault by criminals looking for weakness to exploit (i.e. they're constantly checking the "locks" on your systems to see if there's an opening) from all over the globe 24x7x365 and their methods of attack constantly evolve to exploit vulnerabilities that even the manufacturers of hardware/software that you have in place aren't even aware of yet.

That's the situation most businesses around the globe today are facing, it's a never-ending battle, the best you can hope for is to make yourself an unattractive target by constantly keeping up to date with technology & expertise.

 

[AzogtheDefiler]

Sucks that this meat packing company had to pay an $11 million ransom.

Meatpacker JBS says it paid equivalent of $11 mln in ransomware attack

Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, the company's CEO said in a statement on Wednesday.

www.reuters.com

If DJT was in the WH this doesn’t happen

It happened plenty when DJT was in the WH.

Really? Got a

A new report from consumer tech information site Comparitech shows that cyber attacks cost American government organizations about $18.88 billion in recovery costs and downtime in 2020.

Last year, U.S. government organizations suffered 79 ransomware attacks, which potentially impacted 71 million people. This marked a 35 percent decrease in the number of ransomware attacks counted in 2019.

The hackers behind these attacks demanded ransom amounts from between $2,500 and $5 million. The average ransom demanded in 2020 was $570,857. Over $1.75 million was actually paid to hackers.

Report: Ransomware attacks cost local and state governments over $18 billion in 2020 - American City and County

A new report from consumer tech information site Comparitech shows that cyber attacks cost American government organizations about $18.88 billion in recovery costs and downtime in 2020. Last year, U.S. government organizations suffered 79 ransomware attacks, which potentially impacted 71 million...

www.americancityandcounty.com

This is from Russia

 

[AzogtheDefiler]

Sucks that this meat packing company had to pay an $11 million ransom.

Meatpacker JBS says it paid equivalent of $11 mln in ransomware attack

Meatpacker JBS USA paid a ransom equivalent to $11 million following a cyberattack that disrupted its North American and Australian operations, the company's CEO said in a statement on Wednesday.

www.reuters.com

If DJT was in the WH this doesn’t happen

It just happens on a much larger scale and they hack our government systems instead of private business for a long time before trump knew about it but didn't do much when he found out.

So trump allowed the russian intelligence agency to hack our government computers and didn't do anything about it.

Federal government breached by Russian hackers who targeted FireEye

The CEO of cybersecurity company FireEye said they appeared to be trying to steal information from government clients.

www.nbcnews.com

Suspected Russian hackers spied on U.S. Treasury emails - sources

Hackers believed to be working for Russia have been monitoring internal email traffic at the U.S. Treasury and Commerce departments, according to people familiar with the matter, adding they feared the hacks uncovered so far may be the tip of the iceberg.

www.reuters.com

He “allowed”?

 

[Ray From Cleveland]

Consider a situation where your business is under constant assault by criminals looking for weakness to exploit (i.e. they're constantly checking the "locks" on your systems to see if there's an opening) from all over the globe 24x7x365 and their methods of attack constantly evolve to exploit vulnerabilities that even the manufacturers of hardware/software that you have in place aren't even aware of yet.

That's the situation most businesses around the globe today are facing, it's a never-ending battle, the best you can hope for is to make yourself an unattractive target by constantly keeping up to date with technology & expertise.

If this is indeed a worldwide problem, then the solution is for the world to unite on this one particular subject to defeat those doing things like that to world businesses. Every country agree they will do whatever is possible to locate such people if such attacks are coming from their country. As I posted earlier, if this were happening under Trump, he'd do something like offer a 10 million dollar reward to anybody that rats out these culprits that leads to their arrest or their death.