Slashdot Mirror

← Back to Stories (view on slashdot.org)

Paying Hacker Extortion

Posted by CmdrTaco on from the bad-place-to-be dept.

An anonymous reader writes "A friend works as CIO at a medium sized publicly traded company. The company was contacted by a hacking group and told to pay $100,000 to prevent their company from being hacked/attacked. They actually paid the extortion (told authorities after). The authorities said the company could be charged with supporting Terrorists. Seeing that most publicly known hacks are costing companies this size nearly a million dollars, Is this supporting terrorists or supporting stockholders?"

16 of 412 comments (clear)

  1. And now by The+MAZZTer · · Score: 3, Insightful

    They'll just be hacked anyway.

    1. Re:And now by odin84gk · · Score: 4, Insightful

      They will get asked for money on a yearly basis.

    2. Re:And now by jmorris42 · · Score: 3, Insightful

      > They will get asked for money on a yearly basis.

      Which is why you never pay Danegeld. It never gets rid of the Dane.

      Trillions for defense, not a penny in tribute is the only long term strategy for dealing with aggression. And these threats are aggression and weakness in the face of aggression always invites fresh demands. We should be tracking down these 'hacking' groups with the same vigor we go after other organized crime and terrorism. If that means dropping a Hellfire missile down on a few houses in countries where the local authorities won't take this stuff serious I'm not going to lose sleep over it. Can we bomb the spammer/phishers too while we are at it?

      --
      Democrat delenda est
    3. Re:And now by MaxBooger · · Score: 3, Insightful

      Oh... I didn't realize this was an article on norton/mccafee antivirus.

    4. Re:And now by dcollins · · Score: 4, Insightful

      He already said he wants to pay trillions. He preemptively out-crazied you by more than 6 orders of magnitude.

      --
      We know where leadership by an anti-intellectual "strongman" who scapegoats minorities and likes boisterous rallies goes
  2. Here's a thought by Dunbal · · Score: 4, Insightful

    How about hiring someone who actually has some idea about security. THAT is supporting stockholders.

    --
    Seven puppies were harmed during the making of this post.
    1. Re:Here's a thought by interkin3tic · · Score: 4, Insightful

      It does seem like $100k spent on security would have longer benefits than one payoff. For that matter, maybe a $100k insurance policy would be a better investment.

  3. Supporting Criminals by Jaime2 · · Score: 3, Insightful

    Paying ransom is almost always a bad idea for the community as a whole. The authorities are simply trying to make the company do the right thing instead of the selfish thing. The biggest problem with security is that the incentives are rarely aligned with the responsibilities; this is a classic case of re-aligning those by pushing the societal cost back to the people who are in a position to make the decision.

  4. Re:How exactly did they pay them? by Anonymous Coward · · Score: 3, Insightful

    The same way that people have been transferring money illegally for decades: wire transfers to Caribbean banks with strict privacy laws and lax banking regulations.

  5. Neither by Rary · · Score: 3, Insightful

    Is this supporting terrorists or supporting stockholders?

    "Supporting terrorists" is a stupid description, and the idiot who said that needs a kick in the teeth. However, also stupid was paying these jackasses. Take every precaution you can, get the authorities involved as a backup, maybe even alert your shareholders to the threat, but do not pay extortionist script kiddies.

    --

    "You cannot simultaneously prevent and prepare for war." -- Albert Einstein

  6. Re:How exactly did they pay them? by melikamp · · Score: 5, Insightful

    This is utter BS. I bet it was the execs themselves who stole the money, probably long before they were "contacted by hackers". If it looks and smells like The Big Lebowski...

  7. Re:everyone loses by houghi · · Score: 4, Insightful

    No, it doesn't. Even IF the money would go to Al Qaida itself, the act would have nothing to do with terrorism. It is blackmail.

    Do not confuse one crime with another. Copyright infringement is not theft. Blackmail is not terrorism.

    --
    Don't fight for your country, if your country does not fight for you.
  8. Re:everyone loses by pclminion · · Score: 5, Insightful

    Quit diluting the meaning of the word "terror." Terror is fearing you might be blown into bloody pieces while standing in line at a sandwich shop. Terror is fearing your elementary school kid will die a fiery death in an exploding school bus. Terror is wondering whether the building you work in is going to be on the receiving end of a trans-continental jet liner moving 500 MPH. These things are terrifying.

    We already have words for the sort of thing the article is talking about: extortion, blackmail, etc.

  9. Re:Short answer by Volante3192 · · Score: 3, Insightful

    do you have a 401K or a pension? You're likely a shareholder of something.

    Nope. Basically, I'm fucked come retirement...assuming I don't kill myself with cirrhosis first. I've made peace with that though.

  10. Re:everyone loses by twidarkling · · Score: 3, Insightful

    I'm sorry, but that's a retarded response. Even if I think the reaction to 9/11 was overblown, hacking a company is a completely different scale than wide-spread physical destruction and loss of life. To try and equate them means you're not an individual who should ever be included in a rational discussion about proportional response or morality. If I had to guess, I'd say you're probably one of the "nuke 'em all and fuck sorting them out" types, right?

    --
    Canada: The US's more awesome sibling.
  11. Re:everyone loses by digitig · · Score: 4, Insightful

    I think the response of the victims of the 9/11 attacks would likely have been terror. I've been working in a place where the IT department was dealing with a cracking attack, and nobody was screaming or throwing themselves from windows.

    --
    Quidnam Latine loqui modo coepi?