Slashdot Mirror


Senators: Has Uncle Sam Paid Off Ransomware Criminals? (securityledger.com)

chicksdaddy writes: Just a month after an FBI official admitted that his agency sometimes advised companies stricken with ransomware to pay the ransom, two U.S. Senators are requesting information about federal agencies' encounters with ransomware malware, and whether Uncle Sam might have paid ransoms, also. "Have federal state or local governments sought DOJ or FBI’s help to remove ransomware from their computers," the Senators asked in a letter (PDF download) addressed to Attorney General Loretta Lynch. "If so, please describe the nature of any assistance sought, whether agencies have paid ransoms to remove ransomware, and whether DOJ or the FBI was able to decrypt the computer systems."

53 comments

  1. The Senators have some nice buzzkill bob's party w by Anonymous Coward · · Score: 0

    The Senators have some nice buzzkill bob's party was kick ass and he has all the local cops in his pocket as well.

  2. Officially or unofficially? by Anonymous Coward · · Score: 0

    These types of ransom payments are probably taken from petty cash via multiple split transactions to save face... It's not like there's a billing code for "ransom" unless you're talking about the CIA/FBI/DEA/DoD/State Dept...

    1. Re:Officially or unofficially? by houstonbofh · · Score: 4, Funny

      Consulting services.

  3. Is ransomware tax-deductible? by mveloso · · Score: 3, Insightful

    Can you write off ransom costs on your taxes?

    Do you get a receipt when you pay off your ransomware?

    1. Re:Is ransomware tax-deductible? by houstonbofh · · Score: 2

      Actually, yes you do. And it is more professional than a lot of software companies.

    2. Re:Is ransomware tax-deductible? by xxxJonBoyxxx · · Score: 2

      >> Can you write off ransom costs on your taxes?

      I don't see why not. Best case, it's business services and fully deductible. Worst case, it's entertainment (and half deductible).

    3. Re:Is ransomware tax-deductible? by zlives · · Score: 2

      especially if you seek legal advice regarding the measure ...

    4. Re:Is ransomware tax-deductible? by Misch · · Score: 3, Informative

      Yes. An individual can deduct the amount minus ($100 + 10% of AGI) Source: NY Times, Extortion counts as theft. IRS

      Businesses get treated more favorably, they can deduct actual losses.

      --

      --You will rephrase your request for me to go to hell. Goto statements are not acceptable programming constructs
    5. Re:Is ransomware tax-deductible? by msauve · · Score: 3, Funny

      "Extortion counts as theft."

      So I can deduct tax payments from my taxes? Woo-hoo!

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
  4. Winning quote of the day. by khasim · · Score: 3, Insightful

    The success of the ransomware ends up benefitting victims: because so many people pay, the malware authors are less inclined to wring excess profit out of any single victim, keeping ransoms low.

    Gotta love the "logic" that went into that statement.

    Remember kids, paying the ransom is a lot cheaper than investing in security ... as long as everyone else is also paying the Danegeld.

    1. Re:Winning quote of the day. by houstonbofh · · Score: 2

      The success of the ransomware ends up benefitting victims: because so many people pay, the malware authors are less inclined to wring excess profit out of any single victim, keeping ransoms low.

      Gotta love the "logic" that went into that statement.

      Remember kids, paying the ransom is a lot cheaper than investing in security ... as long as everyone else is also paying the Danegeld.

      It is true... They will not want to kill the goose as long as it keeps laying golden eggs. But you really do not want to be the last "Goose" that takes good backups...

    2. Re:Winning quote of the day. by Anonymous Coward · · Score: 0

      At least once you pay the ransomware, it goes away, as opposed to certain security bloatware that continues to pester you to give it money, and slows your computer down to a ridiculously slow pace.

    3. Re:Winning quote of the day. by khasim · · Score: 2

      It is true... They will not want to kill the goose as long as it keeps laying golden eggs.

      The criminals don't. But phrasing that as "benefitting" the victims is ... beyond stupid.

      Like being shaken down for "protection" money. But the mob is doing such a good job that they can offer you a 50% off deal. It might be less painful, but it is not a "benefit" in any way.

    4. Re: Winning quote of the day. by Anonymous Coward · · Score: 0

      Or use a Mac, and worry about none of the above.

    5. Re:Winning quote of the day. by Anonymous Coward · · Score: 0

      Meh.

      Like, who cares? CIA have created and funded almost every terrorist network in the middle east. Supporting some eastern European ransomware dude is insignificant in comparison.

    6. Re:Winning quote of the day. by Anonymous Coward · · Score: 1

      That reminds me. We should have security insurance and make it mandatory. Something like ASSA (Affordable Software Security Act)?

    7. Re:Winning quote of the day. by Archangel+Michael · · Score: 0

      Capitalism is grand.

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    8. Re:Winning quote of the day. by hey! · · Score: 1

      Well, let's assume that malware authors are economically rational. If they demand millions of dollars almost nobody will pay. If they demand a penny they'll get lots of people paying, but they won't net much. There's an optimum ransom price between the extremes where they maximize their revenue, and it's likely to be relatively low -- in the hundreds of dollars -- rather than the tens of thousands of dollars. For one thing any organization has a threshold under which managers can spend with their own discretion; going over that level is apt to make getting paid a lot quicker. Quick in finance is a very important thing; and it's an even more important thing when it comes to banditry. The longer something goes on the more likely you'll get caught or people will find a way around your scheme.

      Now if it were me, I'd set a series of dates after which the ransom goes up, and promptly respond to anyone who paid up early. It's like selling anything else; if you're seen as reliable and responsive people are more likely to give you money; they're also more likely to give you money if they think they'll have to pay you more later.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
    9. Re:Winning quote of the day. by DarkOx · · Score: 1

      Like being shaken down for "protection" money. But the mob is doing such a good job that they can offer you a 50% off deal. It might be less painful, but it is not a "benefit" in any way.

      Depends. Protection money is a racket because of course if you opt not to pay then something terrible *will* happen to you, perpetrated by your would-be protector. On the other hand, in a lot of cases in various places around the world that I have heard about from people, you absolutely do get some *protection* for your money. There is usually some symbol, like placing a statue of a saint or something in a window, that lets other criminal gangs know you are a client of one of their rivals. They then leave you and your establishment alone because they know if something happens and your protectors think it was them they will seek retribution.

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
    10. Re: Winning quote of the day. by Anonymous Coward · · Score: 0

      because even ransomware has standards?

  5. New York State has paid the criminals. by truck_soccer · · Score: 2

    Had a few machines come in from various state orgs and universities 2 years ago when crypto started making the rounds again. Their backups were too old, had to pay the fuckers. They did get all their stuff back. But still, they paid some assknob in east fuckistan 1200USD a pop. That was when I figured out that I was playing on the wrong team.

    1. Re: New York State has paid the criminals. by Anonymous Coward · · Score: 3, Funny

      No he ordered an assknob from Amazon. Followed the directions, inserted assknob and began pleasuring himself for the "wrong team".

    2. Re:New York State has paid the criminals. by Wonko+the+Sane · · Score: 1

      some assknob in east fuckistan

      You really think that no public sector employee has figured out yet that they could infect their own work computers with malware and get a bitcoin advance on their pension while blaming the east fuckistanians?

  6. The US doesn't give in to terrorists by Anonymous Coward · · Score: 0

    unless they are in the white house or cia sponsored.

  7. Taxation without representation by Anonymous Coward · · Score: 0

    Taxation without representation

  8. Encryption by Anonymous Coward · · Score: 0

    Is this setting up for another social attack on encryption?

    Only criminals use it - fearful of it.
    Let the government "regulate" it and we could unlock all your family photos or business's data for you free of charge.

    1. Re:Encryption by Anonymous Coward · · Score: 0

      That's precisely what this is. The Senators will soon be all over the TV news circuits blathering about how encryption is costing taxpayers money, by way of government officials paying these ransoms; therefore the government must be able to unlock all encryption to protect itself (and you) from ransomware. Conveniently omitted from their talking points will be the fact that the guys in Romania writing ransomware really don't give a fuck what US law says about encryption.

      These attacks on freedom are only going to continue. They'll keep trying inventive new angles until they find one that really gains public momentum.

  9. problem, reaction, solution. done. by Thud457 · · Score: 1

    see? Criminals use encryption.
    Encryption must be outlawed.

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

    1. Re:problem, reaction, solution. done. by Anonymous Coward · · Score: 0

      see? Criminals use encryption.

      Encryption must be outlawed.

      See how many criminals give a fuck about laws first. Then, when the next terrorist attack happens and you watch the fucking idiot voters continue to vote these asshats into office, you can be confused as I am these days as to who to blame for this mess.

    2. Re:problem, reaction, solution. done. by KGIII · · Score: 2

      I know it's popular to blame everybody else but maybe it's time to blame the terrorists themselves?

      People seem hell-bent on blaming the US, guns, politicians, religion, economy, environment, the French, Europe in general, etc... How about we just, you know, blame the asshole terrorists?

      --
      "So long and thanks for all the fish."
  10. This just in! by Archangel+Michael · · Score: 2

    Hillary Clinton has just announced that her "Email Server" and all the "Emails" were held hostage by Ransomware and she didn't pay, and that is why she doesn't have those emails everyone doesn't care about.

    --
    Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    1. Re:This just in! by CanadianMacFan · · Score: 1

      I thought she went to give a speech to them in order to get a backdoor put in to the encryption to help fight ISIS.

  11. The answer should be "Of course we paid them!" by thogard · · Score: 1

    I would hope the reason they paid was to track them down seeing that is the job the FBI and CIA keep telling the taxpayers they do.

  12. Is there really much doubt by DarkOx · · Score: 2, Insightful

    U.S. Senators are requesting information about federal agencies' encounters with ransomware malware, and whether Uncle Sam might have paid ransoms,

    I mean the Obama administration has pretty publicly failed to uphold the 'US does not negotiate with terrorists' line. That is the sort of precedent that gets set at the top. When the President is out there doing prisoner swaps with the Taliban it's pretty hard to expect some mid-level IT bureaucrat to spine up and tell his bosses they fucked up, don't have backups and got hit with crypt malware. Much easier to submit an expense report for "consulting services" and hope the issue is forgotten quickly.

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
    1. Re:Is there really much doubt by Anonymous Coward · · Score: 1

      I'm sure you didn't raise any objections in 2002 when the Bush administration negotiated a ransom payment to the al Qaeda linked Abu Sayyaf terrorist group in an attempt to free the two Burnham hostages.

    2. Re:Is there really much doubt by Anonymous Coward · · Score: 0

      You shouldn't get your history from the movies. The U.S. has always negotiated with terrorists.

    3. Re:Is there really much doubt by Anonymous Coward · · Score: 0

      I'm sure you didn't raise any objections in 2002 when the Bush administration negotiated a ransom payment to the al Qaeda linked Abu Sayyaf terrorist group in an attempt to free the two Burnham hostages.

      The US government never paid ransom to Abu Sayyaf, but others did including the Government of the Philippines. You strongly imply that the Bush administration paid a ransom, which is not the case. As for advising and assisting our long time Philippine allies, I'm sure that we advised them not to pay but in the end it's their country and it was their decision.

  13. NSA capabilities by Anonymous Coward · · Score: 0

    So if an FBI official tells governments to pay the ransom instead of attempting to decrypt the systems, the NSA must not have the capabilities required to decrypt ciphers at all?

    1. Re:NSA capabilities by AHuxley · · Score: 1

      Governments usually push for being in on the development of national standards for computer brands and telcos. The government then gets to build in trap doors and backdoors during the design stage. The other is the use of informants in the tame private sector and the use of crypto from gov created front companies.
      Cryptography in the wild is not easy.

      --
      Domestic spying is now "Benign Information Gathering"
  14. More proof of my hypothesis about the NSA by Applehu+Akbar · · Score: 3, Insightful

    We already know that local governments, including police and sheriff offices, have been nailed by ransomware and have paid up to get their data back. If this conjecture about the feds proves out, it would reinforce my hypothesis that NSA surveillance is a paper tiger. If NSA data collection was as effective as we fear it is, they would be able to trace the Bitcoin payments and have agents sent out to strangle the perps with their own intestines, no matter where they might be located.

    Whatever we think of the NSA's domestic operations, everyone in here would love to see that happen at least once.

    1. Re:More proof of my hypothesis about the NSA by Anonymous Coward · · Score: 0

      You don't use intelligence gathering methods to nail petty criminals.. or even prevent moderate to major losses.

      e.g. opportunities to save lives and ships that the Enigma and the Japanese Naval Code breaks provided were *not* exploited during WWII when there wasn't a plausible alternate story of how the information was obtained.

    2. Re:More proof of my hypothesis about the NSA by geekmux · · Score: 1

      We already know that local governments, including police and sheriff offices, have been nailed by ransomware and have paid up to get their data back. If this conjecture about the feds proves out, it would reinforce my hypothesis that NSA surveillance is a paper tiger. If NSA data collection was as effective as we fear it is, they would be able to trace the Bitcoin payments and have agents sent out to strangle the perps with their own intestines, no matter where they might be located.

      Everyone except the very entity who would want to keep that capability secret, which is why this shit has likely happened more than once to [random dumbass] who simply disappeared off the radar without anyone really noticing.

      Whatever we think of the NSA's domestic operations, everyone in here would love to see that happen at least once.

      You know, there's a reason governments use the concept of need to know quite often...it's usually to ensure it will happen far more than "once"...

    3. Re:More proof of my hypothesis about the NSA by Anonymous Coward · · Score: 0

      Who bets that NSA owns a decryption supercomputer? You seriously think that the whole US government doesn't own a supercomputer dedicated to decryption?

      https://www.google.gr/#q=nsa+ssl+certificates

      Funny thing is the bad people know that NSA is listening so they don't use the internet much. NSA keeps wiretapping civilians cause the bad people avoid technology.
      There are countless false positives each day.

    4. Re:More proof of my hypothesis about the NSA by Anonymous Coward · · Score: 1

      Domestic surveillance programs are pork barrel scams. Always have been.

      Security agency has the ear of congress and executive, tells them they need local spying and big local spy data warehouses

      Security agency heads "Retire" to security services contractor outfits

      Security services contractors make untold piles of money on black budget projects with no oversight or audit

      Lather, rinse, repeat

      See also: Every armed forces branch, financial services industry.

    5. Re:More proof of my hypothesis about the NSA by jonwil · · Score: 1

      Even if the NSA had the capability to track down these cyber crime gangs AND even if the NSA was willing to expose their methods in order to get them, there isn't a lot the US can do.

      It's not like they can send CIA assassins (or armed drones) into the heart of Putin's Russia to take out the cybercrime bigwigs (especially when those bigwigs are friends of Putin)

    6. Re:More proof of my hypothesis about the NSA by Applehu+Akbar · · Score: 1

      These are hardly petty criminals. They target businesses of all sizes, and have hit governments. If they have hit the federal government, then by definition national security is involved, and it's showtime for whatever special agents and forces eradicating them takes.

      The Enigma reference is irrelevant because during WW II, we specifically didn't want the Axis to know that we had broken their code. Ransomware operators? We would want them to know that we can trace them and kill them wherever they are, and if we can break their encryption we want them to know that too.

    7. Re:More proof of my hypothesis about the NSA by Anonymous Coward · · Score: 0

      Yes, but then other governments become aware of methods the NSA possesses but does not want to reveal....

    8. Re:More proof of my hypothesis about the NSA by Anonymous Coward · · Score: 0

      They can: it's just too expensive to pay off the widow/train their replacements when the OPM's Windows XP machine running a Russian RAT tips off the KGB what their airplane seat number was.

      Nobody is willing to take that chance to hack at the heads of a hydra. The operational expenses would exceed the cost of paying the ransom.

    9. Re:More proof of my hypothesis about the NSA by Anonymous Coward · · Score: 0

      You sound like those numbnuts that wanted to dip into the strategic reserve to lower oil prices a few years ago.

      Revealing your capabilities allows your enemies to compensate for them. Why would you let legitimate threats grow stronger just to squash a nuisance?

  15. wat by Anonymous Coward · · Score: 0

    Why are the senators even bothering to ask this question? The answer has been made clear many times before: "The US does not negotiate with terrorists." Since this clearly falls into that category, obviously they would have elected to let the data go than pay to have it decrypted.

    Right?

  16. Giving in to terrorist demands by Anonymous Coward · · Score: 0

    Of course they do! China already knows all our secrets anyhow and it's probably cheaper in their eyes than some rudimentary security.

  17. Why not? by Anonymous Coward · · Score: 0

    It's the taxpayers' money anyway, right? For great socialist justice!