The Ransomware Apocalypse is Nigh

This is just bullshit meaningless gibberish. I don’t think that “encryption / encrypted” means what whoever wrote this thinks it means.

Looking through a few authorised financial institutions lists, the ICO is the least of Travelex’s worries as far as regulators are concerned. They have authorised entities under every regulator of note from the US to the EU to SG and Asia; some very big sticks are about to beat them.

Isn’t one of the common tactics to encrypt your data and sell you the key? Certainly you’d be able to determine if some of your important data was no longer accessible. It reads to me like some random [something] was encrypted, but not their database stores of data.

Travelex parent Finablr is about to go bust. Not so much to do with the ransomware as a hole in the balance sheet.

“Uh, we spent about $100 million, but we forgot to mention it.”

I have to say, given the history of ransomware targeting hospitals and stuff in the past, this was a pretty scary thread to see bumped.

Honestly I would 100% support a drone strike assassination of someone who did this.

Techmeme summary:

DarkSide, reportedly behind the pipeline attack, claims it wants to make money, not cause “problems for society”, and it’ll add “moderation” to picking targets

Not sure why anyone is trying to soften the image of some criminals.

One of our side businesses is in charge of securing power grids. This particular attack has been like a bomb going off in that arena.

As an example of typical power grid IT based security, you can’t take things back out that you bring in. A contractor who works on the power grid? The laptop, phone and any other electronic devices stay there. Connections into and out of their networks are highly monitored.

So, not sure how this happened on a pipeline but something tells me that industry might not have planned for security very well.

Not a power grid or infrastructure, but similar issue. The problem is that human beings are in the loop. And this is literally how the entire Federal government got hacked by Russia.

https://www.cnn.com/2021/02/26/politics/solarwinds123-password-intern/index.html

I was thinking about that SolarWinds story when I had to make a new corporate password recently. I made it as horrible as possible and it took me almost a month to memorize it. We get all these ‘beware malware/spyware’ warnings almost every day from KnowBe4, yet when I made possibly the most stereotypical password possible in previous instances, IT didn’t even shrug.

Surprised Pikachu for sure.

So Colonial got its pipeline back and working.

It looks like they paid $5 million in ransom, but the decryption was so slow that the company ended up just wiping and restoring from backup files.

lol just like Steam preloads

Having lived through a ransomware attack, the first and only thing you can do when hit with a ransomware attack is immediately disconnect everything, burn it all down, and rebuild from backups. Assuming they didn’t get to your backups.

Paying is folly. There’s no guarantee you’ll get any keys. There are plenty of stories of people paying and the decryption simply not working. Other execs at my company were entertaining the idea of paying or at least making contact to see what they wanted. I had already broken out the flamethrowers.

Why would you pay at all if you’re able to restore from backups? I assume the thinking was they’d lose more money in the time it took to restore, but you’ve no idea how quickly they’ll actually respond once paid, if at all. And if you’re not wiping and restoring, you’ve no idea if anything is left over that could just screw you over down the line.

Restoring from backups often does not mean total data recovery. Backups are not necessarily made in real time so you’re losing whatever data was generated since the last complete backup. Especially if you have to go to your offline air gapped backups. Ransomware people are really good at finding and eliminating all your online backups.

But yes, paying remains incredibly stupid. It also tells the criminals that you’re willing to pay, something I assume they keep track of. One more reason I refused to even make contact with the attackers. Heck, if I were them I’d keep a list of not just the company, but the execs involved, in case they move on to another company. You hold on to those names like the good leads in Glengarry Glen Ross.