What's new
US Message Board - Political Discussion Forum

This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Pay the Russians $5,000,000 in BitCoin for their ransomware attack (Poll)

Do you support paying the Russian ransom to unlock the Colonial Pipeline?

  • Yes, Russians are a lot smarter than Americans, in America math is "racist", ransoms are "equitable"

    Votes: 0 0.0%
  • No, we should NEVER pay ransoms

    Votes: 13 100.0%

  • Total voters
    13

Richard-H

Gold Member
Joined
Aug 19, 2008
Messages
6,712
Reaction score
1,569
Points
245
Maybe there's just more money to be made from hacking then from working corporate security. So the companies that hack get the best talent.

Besides, if it weren't for hackers, there'd be no market for cyber-security people. A symbiotic relationship.
 

Richard-H

Gold Member
Joined
Aug 19, 2008
Messages
6,712
Reaction score
1,569
Points
245
How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.
To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.
Remote monitoring. Connected to the internet, any executive anywhere can get up to the second status reports, etc. The bottom line is this, though. We don't really have a good way to actually fight off a ransomware attack short of making sure to have good backups of unencrypted data and proven restore procedures.
You mean 'Disaster Recovery' plans?

Everyone has them on paper, but nobody wants to foot the bill for a realistic disaster recovery capability.

I've been in dozens of disaster recovery tests...they're a joke.
 

Juicin

Gold Member
Joined
Mar 2, 2016
Messages
3,853
Reaction score
1,126
Points
140
FECKLESS. Describes the Xiden administration perfectly.
Feeble or ineffective.
Spiritless; weak; useless; worthless.


Stupid Russians probably could have gotten a lot more than $5m (crime pays!!).
Maybe they have even richer chumps lined up for their next ransomware attack?

IDK how you imagine it would cost to fix this. But the problem with most of these ransomware attacks is they ask for reasonable amounts so it makes sense to just pay.

My bet would be on a lot more than 5 mil once the added time it would take to solve it this way is factored in

Companies do this every day all over the globe.
 

colfax_m

Platinum Member
Joined
Nov 18, 2019
Messages
27,397
Reaction score
9,539
Points
465
The Federal government hired "Solar Winds" to secure their computer systems. The Russians just ate "solar wind's" lunch. Trump did not hire "solar winds" they were hired by the deep state idiots.
Who was president when Solar Winds was hacked? ANSWER: DONALD JENIUS TRUMP.
 
OP
kyzr

kyzr

Diamond Member
Joined
Oct 14, 2009
Messages
18,528
Reaction score
10,029
Points
1,255
Location
The AL part of PA
FECKLESS. Describes the Xiden administration perfectly.
Feeble or ineffective.
Spiritless; weak; useless; worthless.


Stupid Russians probably could have gotten a lot more than $5m (crime pays!!).
Maybe they have even richer chumps lined up for their next ransomware attack?

How quickly you blame Biden for the Putin's attack on American energy.

Donald Trump gutted the Cyber Security force to pay for his Wall. Trump also failed to do anything about the massive Russian hacking of government computers last year. Donald Trump spent 4 years giving the Russians unlimited access to hacking American computers, and then denied it was even happening.

Now that Trump's failures to protect the USA from Russian hackers has surfaced since he was voted out of office, the Putin propaganda machine and the Republicans are working hand in hand to use this to discredit Joe Biden.

Trump and Putin, working together, to destroy the USA, again.
1. Who was president when the Russians hit Colonial with ransomware, and PAID the $5m? ANS: JOE BIDEN
2. Stop lying about Trump, you TDS moron. The USSC said the wall funding was legal.
3. The Federal government hired "Solar Winds" to secure their computer systems. The Russians just ate "solar wind's" lunch. Trump did not hire "solar winds" they were hired by the deep state idiots.
The "solar winds" hack showed the US how the Russian government could hack the US and the US didn't even know it. The Russian computer experts were just smarter than the US computer experts. That make me very concerned.
4. LOL!! Xiden is the president not Trump. Xiden is working with Putin, not Trump. Damn you're stupid.

Americans still lead the world in technical expertise - but when profit is their only motive, security loses out.
I just read the wiki version of the solar winds hack. My God, WTF are they doing in DC? You can't read that and come away with any thoughts other than the Russians are the NFL, and DC are the JV team (as BO used to say).

Its not my field, but it seems that the CEOs are focusing on "firewalls", which reminds me of the Maginot Line.
1. My thoughts are to make a hack-proof OS, UNIX, LINUX, APPLE's, or a new one.
2. If an OS can't be made hack-proof the use "hard wired - unhackable" thumb-drive "keys" with passwords and strict limits on administer privileges.
3. If the US can't stop Russian hackers....not good.

Solarwinds, and just about all the companies involved are private companies. The federal government has not say in how they run their security.

For the most part private companies don't want to spend the money to make their systems secure proactively. They'd rather save money, then when it hits the fan they'll react....too late!
You really need to read the links I post before replying.
Solar Winds was a computer security company from Houston, like McAfee, who the Feds hired to protect the Federal computers from hacks, epic fail.
Read the wiki summary of solar winds.

What do you say when private companies and government entities spend the money and hire computer security "experts" and they still get hacked by smarter Russians?
 
Last edited:
OP
kyzr

kyzr

Diamond Member
Joined
Oct 14, 2009
Messages
18,528
Reaction score
10,029
Points
1,255
Location
The AL part of PA
How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.
To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....
That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.
 
OP
kyzr

kyzr

Diamond Member
Joined
Oct 14, 2009
Messages
18,528
Reaction score
10,029
Points
1,255
Location
The AL part of PA
The Federal government hired "Solar Winds" to secure their computer systems. The Russians just ate "solar wind's" lunch. Trump did not hire "solar winds" they were hired by the deep state idiots.
Who was president when Solar Winds was hacked? ANSWER: DONALD JENIUS TRUMP.
So who is president now, for this hack? Sleepy Joe Biden. Trump got blamed for everything that happened during his presidency, so Joe Xiden deserves the same. Paybacks are a bitch.
 

colfax_m

Platinum Member
Joined
Nov 18, 2019
Messages
27,397
Reaction score
9,539
Points
465
The Federal government hired "Solar Winds" to secure their computer systems. The Russians just ate "solar wind's" lunch. Trump did not hire "solar winds" they were hired by the deep state idiots.
Who was president when Solar Winds was hacked? ANSWER: DONALD JENIUS TRUMP.
So who is president now, for this hack? Sleepy Joe Biden. Trump got blamed for everything that happened during his presidency, so Joe Xiden deserves the same. Paybacks are a bitch.
Yeah, but your post seems to have double standards.

Trump isn’t at fault for a hack of the US government but Biden is at fault for the hack or a private corporation?
 
OP
kyzr

kyzr

Diamond Member
Joined
Oct 14, 2009
Messages
18,528
Reaction score
10,029
Points
1,255
Location
The AL part of PA
The Federal government hired "Solar Winds" to secure their computer systems. The Russians just ate "solar wind's" lunch. Trump did not hire "solar winds" they were hired by the deep state idiots.
Who was president when Solar Winds was hacked? ANSWER: DONALD JENIUS TRUMP.
So who is president now, for this hack? Sleepy Joe Biden. Trump got blamed for everything that happened during his presidency, so Joe Xiden deserves the same. Paybacks are a bitch.
Yeah, but your post seems to have double standards.

Trump isn’t at fault for a hack of the US government but Biden is at fault for the hack or a private corporation?
Don't you remember when the MSM asked Trump if he had any responsibility for this or that, and then when he said "no", that soundbite was played and replayed. Xiden doesn't get a pass on anything because Trump didn't get a pass on anything. That is how we avoid a double-standard.
 

hadit

Gold Member
Joined
Jul 1, 2013
Messages
29,023
Reaction score
7,169
Points
280
How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.
To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.
Remote monitoring. Connected to the internet, any executive anywhere can get up to the second status reports, etc. The bottom line is this, though. We don't really have a good way to actually fight off a ransomware attack short of making sure to have good backups of unencrypted data and proven restore procedures.
You mean 'Disaster Recovery' plans?

Everyone has them on paper, but nobody wants to foot the bill for a realistic disaster recovery capability.

I've been in dozens of disaster recovery tests...they're a joke.
Yup. I've done them too, and quickly realized they were not full, complete tests. IOW, they might kick over to the DR site and run some tests, but they didn't literally run the process through from start to finish and make sure the entire environment worked properly. No one could tell an executive how long it would actually take to be at full functionality after a disaster.

Talking about DR testing, when I worked for Circuit City, we were putting in automated dialers for their ESP call center. During production testing with live calls, suddenly a rep from the company that made the dialers rushed into the room proclaiming loudly, "I didn't do it, I didn't do it". Behind him ambled a Circuit City tech with a smile on his face. He had unilaterally decided to test the recoverability of the dialers (OS/2 servers, BTW) by unplugging one from power while it was running.
 

colfax_m

Platinum Member
Joined
Nov 18, 2019
Messages
27,397
Reaction score
9,539
Points
465
Don't you remember when the MSM asked Trump if he had any responsibility for this or that, and then when he said "no", that soundbite was played and replayed. Xiden doesn't get a pass on anything because Trump didn't get a pass on anything. That is how we avoid a double-standard.
Go ahead and show me where Trump was blamed for ransomware attack or a private corporation.

Show me the double standard.
 

Richard-H

Gold Member
Joined
Aug 19, 2008
Messages
6,712
Reaction score
1,569
Points
245
FECKLESS. Describes the Xiden administration perfectly.
Feeble or ineffective.
Spiritless; weak; useless; worthless.


Stupid Russians probably could have gotten a lot more than $5m (crime pays!!).
Maybe they have even richer chumps lined up for their next ransomware attack?

How quickly you blame Biden for the Putin's attack on American energy.

Donald Trump gutted the Cyber Security force to pay for his Wall. Trump also failed to do anything about the massive Russian hacking of government computers last year. Donald Trump spent 4 years giving the Russians unlimited access to hacking American computers, and then denied it was even happening.

Now that Trump's failures to protect the USA from Russian hackers has surfaced since he was voted out of office, the Putin propaganda machine and the Republicans are working hand in hand to use this to discredit Joe Biden.

Trump and Putin, working together, to destroy the USA, again.
1. Who was president when the Russians hit Colonial with ransomware, and PAID the $5m? ANS: JOE BIDEN
2. Stop lying about Trump, you TDS moron. The USSC said the wall funding was legal.
3. The Federal government hired "Solar Winds" to secure their computer systems. The Russians just ate "solar wind's" lunch. Trump did not hire "solar winds" they were hired by the deep state idiots.
The "solar winds" hack showed the US how the Russian government could hack the US and the US didn't even know it. The Russian computer experts were just smarter than the US computer experts. That make me very concerned.
4. LOL!! Xiden is the president not Trump. Xiden is working with Putin, not Trump. Damn you're stupid.

Americans still lead the world in technical expertise - but when profit is their only motive, security loses out.
I just read the wiki version of the solar winds hack. My God, WTF are they doing in DC? You can't read that and come away with any thoughts other than the Russians are the NFL, and DC are the JV team (as BO used to say).

Its not my field, but it seems that the CEOs are focusing on "firewalls", which reminds me of the Maginot Line.
1. My thoughts are to make a hack-proof OS, UNIX, LINUX, APPLE's, or a new one.
2. If an OS can't be made hack-proof the use "hard wired - unhackable" thumb-drive "keys" with passwords and strict limits on administer privileges.
3. If the US can't stop Russian hackers....not good.

Solarwinds, and just about all the companies involved are private companies. The federal government has not say in how they run their security.

For the most part private companies don't want to spend the money to make their systems secure proactively. They'd rather save money, then when it hits the fan they'll react....too late!
You really need to read the links I post before replying.
Solar Winds was a computer security company from Houston, like McAfee, who the Feds hired to protect the Federal computers from hacks, epic fail.
Read the wiki summary of solar winds.

What do you say when private companies and government entities spend the money and hire computer security "experts" and they still get hacked by smarter Russians?

Solarwinds is monitoring and alerting software. Not anti-malware or security software.

I don't need to read about it on wikipedia, I've been using Solarwinds Orion for almost 15 years.

The Russian hack of Solarwinds was done by embedding malware in the Solarwind's agent which gets installed on all PCs (usually servers) that are being monitored by the Solarwinds server.

It was the responsibility of Solarwinds, a private company, to insure that their agents were free of malware before distributing it to their customers.

Installing updated agents is a routine task that Solarwinds tells it's customers to do regularly. Fortunately, I lazy and didn't upgrade the agents in my company for a very long time, so I saved my company from the hack.

Stick to topics that you know...but then you wouldn't be posting much would you!
 

Richard-H

Gold Member
Joined
Aug 19, 2008
Messages
6,712
Reaction score
1,569
Points
245
I
How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.
To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.
Remote monitoring. Connected to the internet, any executive anywhere can get up to the second status reports, etc. The bottom line is this, though. We don't really have a good way to actually fight off a ransomware attack short of making sure to have good backups of unencrypted data and proven restore procedures.
You mean 'Disaster Recovery' plans?

Everyone has them on paper, but nobody wants to foot the bill for a realistic disaster recovery capability.

I've been in dozens of disaster recovery tests...they're a joke.
Yup. I've done them too, and quickly realized they were not full, complete tests. IOW, they might kick over to the DR site and run some tests, but they didn't literally run the process through from start to finish and make sure the entire environment worked properly. No one could tell an executive how long it would actually take to be at full functionality after a disaster.

Talking about DR testing, when I worked for Circuit City, we were putting in automated dialers for their ESP call center. During production testing with live calls, suddenly a rep from the company that made the dialers rushed into the room proclaiming loudly, "I didn't do it, I didn't do it". Behind him ambled a Circuit City tech with a smile on his face. He had unilaterally decided to test the recoverability of the dialers (OS/2 servers, BTW) by unplugging one from power while it was running.
All the DR tests I've been part of have been disasters in and of themselves. The facility's equipment is always in decrepit condition - I've spent most of the DR tests troubleshooting the equipment - then arguing with the techs to get it replaced.

My company always only wants to pay for what would be the minimum required to get the company operational - but you can bet that in a real DR they'd be screaming for all the other systems.

I've always wanted my company to set up the VMWare DR system - it looks great and would provide nearly instantaneous recovery....but alas! It's too expensive.
 

NightFox

Wildling
Joined
Jul 20, 2013
Messages
11,106
Reaction score
2,674
Points
280
Location
North beyond the Wall
How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.
To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....
That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.
FYI:

Solarwinds doesn't produce firewalls, they produce monitoring and network/systems/application management software (along with an assortment of IT Professional Utilities) and other than the recent security flaw on their Orion platform their software has been pretty solid.

"It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so." -- Donald G. Reinertsen
 
OP
kyzr

kyzr

Diamond Member
Joined
Oct 14, 2009
Messages
18,528
Reaction score
10,029
Points
1,255
Location
The AL part of PA
FECKLESS. Describes the Xiden administration perfectly.
Feeble or ineffective.
Spiritless; weak; useless; worthless.


Stupid Russians probably could have gotten a lot more than $5m (crime pays!!).
Maybe they have even richer chumps lined up for their next ransomware attack?

How quickly you blame Biden for the Putin's attack on American energy.

Donald Trump gutted the Cyber Security force to pay for his Wall. Trump also failed to do anything about the massive Russian hacking of government computers last year. Donald Trump spent 4 years giving the Russians unlimited access to hacking American computers, and then denied it was even happening.

Now that Trump's failures to protect the USA from Russian hackers has surfaced since he was voted out of office, the Putin propaganda machine and the Republicans are working hand in hand to use this to discredit Joe Biden.

Trump and Putin, working together, to destroy the USA, again.
1. Who was president when the Russians hit Colonial with ransomware, and PAID the $5m? ANS: JOE BIDEN
2. Stop lying about Trump, you TDS moron. The USSC said the wall funding was legal.
3. The Federal government hired "Solar Winds" to secure their computer systems. The Russians just ate "solar wind's" lunch. Trump did not hire "solar winds" they were hired by the deep state idiots.
The "solar winds" hack showed the US how the Russian government could hack the US and the US didn't even know it. The Russian computer experts were just smarter than the US computer experts. That make me very concerned.
4. LOL!! Xiden is the president not Trump. Xiden is working with Putin, not Trump. Damn you're stupid.

Americans still lead the world in technical expertise - but when profit is their only motive, security loses out.
I just read the wiki version of the solar winds hack. My God, WTF are they doing in DC? You can't read that and come away with any thoughts other than the Russians are the NFL, and DC are the JV team (as BO used to say).

Its not my field, but it seems that the CEOs are focusing on "firewalls", which reminds me of the Maginot Line.
1. My thoughts are to make a hack-proof OS, UNIX, LINUX, APPLE's, or a new one.
2. If an OS can't be made hack-proof the use "hard wired - unhackable" thumb-drive "keys" with passwords and strict limits on administer privileges.
3. If the US can't stop Russian hackers....not good.

Solarwinds, and just about all the companies involved are private companies. The federal government has not say in how they run their security.

For the most part private companies don't want to spend the money to make their systems secure proactively. They'd rather save money, then when it hits the fan they'll react....too late!
You really need to read the links I post before replying.
Solar Winds was a computer security company from Houston, like McAfee, who the Feds hired to protect the Federal computers from hacks, epic fail.
Read the wiki summary of solar winds.

What do you say when private companies and government entities spend the money and hire computer security "experts" and they still get hacked by smarter Russians?

Solarwinds is monitoring and alerting software. Not anti-malware or security software.

I don't need to read about it on wikipedia, I've been using Solarwinds Orion for almost 15 years.

The Russian hack of Solarwinds was done by embedding malware in the Solarwind's agent which gets installed on all PCs (usually servers) that are being monitored by the Solarwinds server.

It was the responsibility of Solarwinds, a private company, to insure that their agents were free of malware before distributing it to their customers.

Installing updated agents is a routine task that Solarwinds tells it's customers to do regularly. Fortunately, I lazy and didn't upgrade the agents in my company for a very long time, so I saved my company from the hack.

Stick to topics that you know...but then you wouldn't be posting much would you!
I'm a retired bridge engineer. None of my bridges fell down, so I did my job well.
The simple fact that Russians hack US systems frequently (Solarwinds AND Colonial most recently) shows that US computer security "experts" are inept.

This is a political forum, inept people can post here just like competent ones!
 
OP
kyzr

kyzr

Diamond Member
Joined
Oct 14, 2009
Messages
18,528
Reaction score
10,029
Points
1,255
Location
The AL part of PA
How about a federal law requiring that critical production systems NOT be connected to the internet in any way.

Despite what everyone seems to think, all computers do not have to have an internet connection.
To run a pipeline system I'm not sure what software they were using, but may guess would be a DCS, which shouldn't be connected to the internet, or hackable. If it was connected they deserved to be hacked.

Nowadays most end-users want to be able to connect to control systems remotely from their office PCs or from home.

So companies insist that control systems be connected at least to the office network and usually to the internet.

They also like to have automated systems monitoring and alerting...usually using Solarwinds.....
That's just stupid and lazy. They get scammed by faux "security" companies like "Solarwinds" who say their firewalls are secure. Dumbasses.
FYI:

Solarwinds doesn't produce firewalls, they produce monitoring and network/systems/application management software (along with an assortment of IT Professional Utilities) and other than the recent security flaw on their Orion platform their software has been pretty solid.

"It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so." -- Donald G. Reinertsen
Whatever US computer security companies are doing, just isn't working. The Russians hack just about everything they want to. IMHO the US needs a paradigm shift in computer security competency. The Russians look very capable, and the US looks like chumps.
 

JoeMoma

Platinum Member
Joined
Nov 22, 2014
Messages
18,281
Reaction score
6,005
Points
360
I hate the thought of paying the 5M, but if I were the CEO calling the shots, I'd say pay it. 5 million is pocket change for Colonial Pipeline. I'm sure that the cost per day of having the pipeline shut off and of working around the ransomware quickly dwarfed 5 million.

Got to hate it when the bad guys win, but sometimes its best to pick your battles and cut your losses. This battle is loss, it was time to tap out and get back to business.

Having said that, a battle was loss, but the war is not over. Joe Biden needs to sick the CIA on Darkside as if they were Osama Bin Laden. They need to know that there is a target on their backs and the 5 million isn't worth it.
It's a practical approach for someone with deep pockets, but it encourages more illegal activity.

Kind of like the small business owners that would pay a mafia shakedown for "fire insurance" premiums.

The right approach is of course, to secure critical infrastructure from such attacks. While this is not foolproof, any large business should also have disaster plans in place, with full anf frequent backups of critical computer systems.

I read that although Colonial paid the ransom, the key they received did not work. So they probably did what they were supposed to do anyway, and restore their computers from backup.
If the key did not work, that will encourage future victims not to pay. So I'm sort of surprised.
 

Jim H - VA USA

Plutonium Member
Gold Supporting Member
Joined
Sep 19, 2020
Messages
2,125
Reaction score
2,162
Points
1,908
I hate the thought of paying the 5M, but if I were the CEO calling the shots, I'd say pay it. 5 million is pocket change for Colonial Pipeline. I'm sure that the cost per day of having the pipeline shut off and of working around the ransomware quickly dwarfed 5 million.

Got to hate it when the bad guys win, but sometimes its best to pick your battles and cut your losses. This battle is loss, it was time to tap out and get back to business.

Having said that, a battle was loss, but the war is not over. Joe Biden needs to sick the CIA on Darkside as if they were Osama Bin Laden. They need to know that there is a target on their backs and the 5 million isn't worth it.
It's a practical approach for someone with deep pockets, but it encourages more illegal activity.

Kind of like the small business owners that would pay a mafia shakedown for "fire insurance" premiums.

The right approach is of course, to secure critical infrastructure from such attacks. While this is not foolproof, any large business should also have disaster plans in place, with full anf frequent backups of critical computer systems.

I read that although Colonial paid the ransom, the key they received did not work. So they probably did what they were supposed to do anyway, and restore their computers from backup.
If the key did not work, that will encourage future victims not to pay. So I'm sort of surprised.
>If the key did not work, that will encourage future victims not to pay. So I'm sort of surprised.

Yeah, I was surprised to read it. Poetic justice, if accurate. Here's one link...

 

JoeMoma

Platinum Member
Joined
Nov 22, 2014
Messages
18,281
Reaction score
6,005
Points
360
I hate the thought of paying the 5M, but if I were the CEO calling the shots, I'd say pay it. 5 million is pocket change for Colonial Pipeline. I'm sure that the cost per day of having the pipeline shut off and of working around the ransomware quickly dwarfed 5 million.

Got to hate it when the bad guys win, but sometimes its best to pick your battles and cut your losses. This battle is loss, it was time to tap out and get back to business.

Having said that, a battle was loss, but the war is not over. Joe Biden needs to sick the CIA on Darkside as if they were Osama Bin Laden. They need to know that there is a target on their backs and the 5 million isn't worth it.
It's a practical approach for someone with deep pockets, but it encourages more illegal activity.

Kind of like the small business owners that would pay a mafia shakedown for "fire insurance" premiums.

The right approach is of course, to secure critical infrastructure from such attacks. While this is not foolproof, any large business should also have disaster plans in place, with full anf frequent backups of critical computer systems.

I read that although Colonial paid the ransom, the key they received did not work. So they probably did what they were supposed to do anyway, and restore their computers from backup.
If the key did not work, that will encourage future victims not to pay. So I'm sort of surprised.
>If the key did not work, that will encourage future victims not to pay. So I'm sort of surprised.

Yeah, I was surprised to read it. Poetic justice, if accurate. Here's one link...

So the key was not very useful. I'm not sure what that means. Was it somewhat useful?
 

JoeMoma

Platinum Member
Joined
Nov 22, 2014
Messages
18,281
Reaction score
6,005
Points
360
Yeah, I was surprised to read it. Poetic justice, if accurate.
I don't blame the Pipe Line Co. for paying. I understand that it does encourage the ransomware people to strike again; however, both the short term and long term effects have to be considered.
 

USMB Server Goals

Total amount
$280.00
Goal
$350.00

New Topics

Most reactions - Past 7 days

Forum List

Top