guys

now browsing by tag

 
 

Do You Give The Wrong Guys A Chance? | romancescams | #scams

If you’ve ever vacillated between being “too picky” and spending time with men you don’t like, check out this Love U Podcast. In it, I tell the story of two […] View full post on National Cyber Security

#cybersecurity | #hackerspace | Going After the Good Guys: The Government’s Ransomware Identity Crisis

Source: National Cyber Security – Produced By Gregory Evans

Why fixing that ransomware attack might get you indicted

Editor’s
Note: We’re pleased to publish this article from attorney Ryan Blanch, sharing
an expert perspective on some of the legal issues in the cybersecurity
industry.

When it
comes to ransomware, malware, and hackers, the government is finding it
difficult to keep pace with the quickly evolving landscape of cybercrime. And
sometimes, the government seems to be going after the good guys instead of the
bad guys, as evidenced by the recent CoalFire debacle in which Iowa arrested
and charged the same cybersecurity professionals it had contracted to try to
breach the state’s security systems.

As a criminal
defense attorney, I’ve been involved in myriad cybercrime cases. There were the
DDoS attacks on the Church of Scientology, and then the infamous Blackshades
malware allegedly used to spy on Miss Teen USA. We defended a sports gambling software company
accused of conspiring with the mob abroad, which went to trial and was ultimately dismissed.
Later, we handled a cryptocurrency hacking case, an online currency arbitrage
platform; and, more recently, the allegedly illegal deployment of scores of
Bitcoin ATM machines around high crime neighborhoods – to name a few.

In most
cases, it’s at least apparent why prosecutors are focusing on our client. But
in other cases, prosecutors are barking up the wrong tree—they’re going after
the targets they can find instead of looking for the actual bad guys. After all,
career hackers can be nearly impossible to track down and apprehend. In the
sports gambling case I handled, my client reported that the New York district
attorney’s office wanted to strongarm him into hacking into his clients’
systems to turn over personal data on gamblers and their bookmakers who may be
involved in illegal gambling.

Another area
where prosecutors seem to be struggling to find and prosecute the right parties
is with ransomware attacks. If you should fall victim to a ransomware attack,
be very careful how you navigate your crisis. And that goes double for those
who try to help you. The government may be looking to indict you both. And the penalties are steep.

Let’s hash it out.

How Ransomware Attacks Work: From Attack to Prosecution

Ransomware
brings companies to their knees in an instant as it encrypts user data and
files irretrievably. In some cases, the only way to resume business as usual is
to pay the ransom outright and most of them only take crypto.

Phase 1: The Attack

You show up
to work to find a message like this one filling all 100+ displays of your
company’s employee workstations. Your CTO and IT administrator are in a panic. Your
entire company has been locked out of its servers, computers and files. The company
stands to lose hundreds of thousands of dollars each week that this persists. There
is a countdown clock on the monitor, and IT cannot find any way to access the
system. All you can think is, ‘What would Kiefer Sutherland do?’ 

Phase 2: The Fallout

It’s day two
and the losses have already exceeded $40K. Clients are taking flight as they
fear the worst. Employees are asking whether they should come to work, and the IT
department is pulling its collective hair out.  You wonder what you have them around for if
they can’t fix your computer-related problems. Arnie, Head of IT (for now), has
resorted to Googling (from his personal cell phone) “ransomware help” to look
for outside companies that might be able to lend a hand. 

The 5 bitcoin
demanded hasn’t yet increased, but it might as well have because the volatile
bitcoin market has already added $5,753 to the price (some companies are
starting to keep an emergency bitcoin account to offset the risk of price
fluctuations).  

Someone
reminds you that you have business insurance that may cover this sort of thing.
You call your insurer. They do in fact cover ransomware attacks and have a list
of “approved providers” aka cybersecurity firms who can help.

Phase 3: The White Knight Arrives

It looks as
though all that panic-driven Googling may have paid off. Arnie has already
found a cyber security firm and is on the line with them. As luck would have
it, this firm is also on your insurance company’s “approved provider” list.  The firm thinks they may be able to resolve
the problem remotely. But when asked, they admit that no one can actually decrypt
the files.  More pointedly, if you were
to marshall the combined forces of Homeland Security, the NSA, M.I.T., Kaspersky
Labs and Elliot Gunton to the singular purpose of retrieving the electronic
files of your trading house and photos of your mini labradoodle wearing a tutu,
they would all wind up with zilch. That’s how hard it is to unencrypt what’s
been properly encrypted.

So how can
this cybersecurity firm help?

Pay the
ransom, of course.

So then, what
good are they? Well, for starters, they have a bitcoin wallet on the ready. You
don’t. Secondly, they actually know how to deploy a decryption key. You don’t
(and neither does Arnie).

Turns out
most ransomware, eh hem, artists don’t restore your files for you when you pay
the ransom. They merely send you a key. Technical support doesn’t exist. It’s
do it yourself. And you wouldn’t want your attackers fixing it for you even if
they offered.

Here is why
it makes sense to hire the cyber security firm rather than pay the ransom
yourself in a nutshell:

  1. They can pay immediately.
  2. They may be able to get the attackers
    to lower the ransom. Probably not enough to decrease your cost but enough to
    offset the cost of the firm’s fee.
  3. You shouldn’t be dealing with your attackers.
    They may expand the problem to other systems if you let the wrong information
    slip.
  4. Once you get the key, if you don’t
    deploy it correctly you could corrupt your files forever. Some of these keys
    require several steps to deploy them. And you need to make sure you back up
    your files first, etc.
  5. After you get your files back you
    need to close the proverbial back door. Your attackers could come back if you
    don’t. The honor of your extortionist ends with the promise to send you the
    key. It does not include a promise to never return.
  6. The best firms will issue and update a
    white paper to make sure that you continue to follow best practices to avoid
    subsequent attacks.
  7. An honest firm will tell you if the
    strain of your ransomware variant is actually undecryptable. Some variants are old,
    and the decryption key has already been disseminated publicly. If your firm has
    the key, they may just deploy it for you at little or no cost.
Ransomware screen

Phase 4:  The White Knight Gets Indicted

All good? Not so fast. Now the cyber security firm’s principals and employees are contacted by the FBI’s Cyber Division. The U.S. Attorney’s Office wants to talk about a turn-in date and because they know this is a real company with generally law-abiding individuals, they wanted to call and invite them in to “self-surrender” so they can forgo the unpleasantness that comes with a 3AM home arrest warrant execution.  

Looks like
your company’s savior is going to need to hire a great criminal defense
attorney.

Why? Turns
out the government doesn’t look kindly on paying ransoms. The reasons
themselves are not objectionable:

  •  The money could go straight to terrorist
    organizations and other criminal cartels
  •  The money is difficult to trace when
    transferred through bitcoin.

But the
government also knows that juries don’t like to convict victims for paying
their extortionist. It’s like arresting the mother of a kidnapped child for
paying the kidnappers their ransom to get her baby back.

It would never fly.

How The Government Views Paying Computer Ransoms

Lost
computer files, lost business revenue and even stolen intimate photos are less
sympathetic reasons to sponsor a crime cartel than say, getting a real live
child back. But, just the same, the DOJ doesn’t like to lose. And prosecuting
victims is a losing strategy. So, for now, victims can (probably) pay ransoms
back directly (as ill-advised as that is) to their attackers.

But if you
hire an intermediary, that’s where the government is testing a prosecutorial
theory. The theory is if they can prosecute the cyber firms who pay the ransoms
then they can get a pelt for what they view as an ugly business. Hey, somebody
has to pay. Cybercrime is the new bank robbery and it’s turning into an
epidemic. The government’s so-called ransomware “experts” are in the stone
ages. But prosecuting cyber security firms makes it look like they are doing
something about this epidemic (spoiler alert: they aren’t).

Strangely
enough, the FBI has made multiple statements encouraging or allowing companies
to pay off ransomware attacks:

  • Joseph
    Bonavolonta, Assistant Special Agent of the FBI’s Cyber and Counterintelligence
    Program, said that in most cases, because the FBI can’t
    help these companies recover files, their agents often end up recommending them
    to pay the ransom to get their data back.
  • An
    official statement from the FBI said they don’t “advocate” paying
    ransoms, but that the “FBI understands that when businesses are faced with an
    inability to function, executives will evaluate all options to protect their
    shareholders, employees, and customers.”

They haven’t yet publicly announced a policy of indicting companies for paying ransoms or started issuing mass indictments. But they are hovering around the periphery, looking for instances where they think they might be able to dirty-up the white knight cyber security firm to make them a public example of the perils of paying ransoms as a business model.

What if they succeed? What does that accomplish? It doesn’t stop the ransomware attacks. It doesn’t stop the victims from paying those ransoms directly. But it takes out a middle man would-be protector, leaving the victim to their own devices.

Making the Good Guys Prosecutable: Dirtying up the White Knight

If juries
don’t like to convict victims, how would they feel about their heroes? As a
matter of public policy, do we want to criminally prosecute the saviors of
those who have otherwise irretrievably lost their businesses?  

The answer
is it depends. We should not criminalize the only people that offer any
protection whatsoever to the victims of ransomware. They also provide a
mechanism for insurance companies to insure the losses of such an attack. The
government is putting this in jeopardy (more on this to come). In order to make
a white knight prosecutable, the government needs to shift our view of them. The
prosecution will want the jury’s perception of the white knight to be that of
an opportunistic broker of shattered dreams. Instead of saving their victims
from further attack, they provide a surcharge to further exploit them. As
ridiculous as this sounds, this is what in fact is being kicked around at DOJ
offices everywhere.

The Insurance Companies as Co-Conspirators?

So, if the
cybersecurity firm is recommended and, in some instances, paid for by the
victim’s insurance company, doesn’t that make said insurance company an
accomplice in the conspiracy to pay ransoms to possible crime cartels?  After all, the insurance company knows exactly
how the cyber security firm addresses the problem – by paying ransoms. So, will
the government start prosecuting Allstate for providing ransomware protection
to its insureds?

Probably
not.

But, by
taking the cyber security firm out of the equation, it would force the
insurance company to pay the ransom to the insureds or even worse, pay it
directly to their attackers. Knowing that would result in potential
prosecution, they would have to stop insuring businesses and individuals from
ransom attacks all together, compounding the victim’s losses exponentially.

No Good Deed Goes Unpunished

So if the
reasons listed above are all valid reasons why you SHOULD hire a cyber security
firm in a ransomware attack and if billion dollar insurance companies are
recommending that their insureds hire these companies (knowing full well that
those companies will pay the ransoms), then how in the world can the government
look to criminally charge these very same companies for doing what it has
failed to do – rescue victims of
ransomware?

For now, the government is limiting its
prosecutorial powers to low hanging fruit; looking at smaller cyber security outfits
that they believe make easy targets to test-flex their muscles.  They have yet to rope in the insurance companies
who refer them business. And their internal (and informal) policy of the moment
seems to militate against charging ransomware victims who pay ransoms
directly.   

But it’s
‘victim beware’ when it comes to paying ransoms. You don’t know where the money
is going—and the U.S Treasury’s Office of Foreign Assets Control (OFAC)
maintains a nearly incomprehensible and ever changing
list of thousands of countries, individuals and entities to whom it’s a crime
to send funds.

The takeaway: If you fall victim to ransomware, hire a cyber security
firm to handle it.  If you are such a
firm, proceed with caution and consult with legal counsel about best practices.

*** This is a Security Bloggers Network syndicated blog from Hashed Out by The SSL Store™ authored by Ryan Blanch. Read the original post at: https://www.thesslstore.com/blog/going-after-the-good-guys-the-governments-ransomware-identity-crisis/

Source link

The post #cybersecurity | #hackerspace |<p> Going After the Good Guys: The Government’s Ransomware Identity Crisis <p> appeared first on National Cyber Security.

View full post on National Cyber Security

“Victory for the #good guys” – #criminal behind #Mandiant #hack arrested

Source: National Cyber Security – Produced By Gregory Evans

“Victory for the #good guys” – #criminal behind #Mandiant #hack arrested

FireEye has caught the hacker behind a well-publicised attack that leaked a security researcher’s details and claimed to infiltrate the company’s networks earlier this year.

Mandiant employee Adi Peretz was the attack’s main victim as a number of his online accounts were exposed. Mandiant is a division of FireEye.

The alleged hacker, who went by the username of LeakTheAnalyst, has now been arrested according to reports, although their name and location have not been made public.

“These attackers rarely, if ever get caught…Over my career, I have found it frustrating how little risk or repercussions exist for the attackers, who hide behind the anonymity of the internet to cause harm to good, well-intentioned people,” Mandia says in a statement.

In addition to OneDrive accounts and PayPal invoices, Peretz’s LinkedIn login was compromised and his page was allegedly defaced by the hacker. The hacker also claimed to have gained access to Mandiant’s systems and customer data.

It was fun to be inside a giant company named ‘Mandiant’ we enjoyed watching how they try to protect their clients and how their dumb analysts are trying to reverse engineer malwares and stuffs. Now that ‘Mandiant’ knows how deep we breached into its infrastructure its so-called threat analysts are trying to block us. Let’s see how successful they are going to be :D,” the hackers’ say as part of their data dump,” a post on PasteBin said.

Two weeks later, the hacker posted another batch of information apparently from the data dump. They also claimed that FireEye was conducting a coverup.

“Well we were waiting FireEye for a public comment and FireEye lied again, and they lied in cost of their customers. They did a mistake. They knew we had access to JIRA, Their IDF workshop wasn’t a part of Adi Peretz’s job. They knew Adi Peretz wasn’t working on Bank Hapoalim,” The PasteBin dump says.

“They said our documents was “public”, are license files, private contract documents, private IDF workshops and internal network topologies public? If they weren’t public why did you removed our files and from public file hosting? Why did you removed our first Pastebin message? They knew the truth and they’re hiding it from their customers and the public,” it continues.

“Therefore, I am pleased that, in this case, we were able to impose repercussions for the attacker and achieve a small victory for the good guys,” Mandia concludes.

The post “Victory for the #good guys” – #criminal behind #Mandiant #hack arrested appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Enterprise security means listening to the bad guys

Source: National Cyber Security – Produced By Gregory Evans

The lines between good guys and bad guys when it comes to enterprise security have always been blurred. Although usually described as White Hats and Black Hats the reality of identifying people is far more grey. A culture of offering “bug bounties” – paying people who find holes in your…

The post Enterprise security means listening to the bad guys appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

How the bad guys did it: Thousands of Ohioans hacked, up to $35M stolen

One errant button click. That’s all it takes for a computer or mobile device to be infected or hacked. Just by getting people to click on malicious e-mail attachments, an international crime ring set in motion a scheme that infected … View full post on National Cyber Security Ventures

Male Moaning Mystery: Why Most Guys Choose Not to Do It

Wondering why your man is not making the same noises as you in the bedroom? Here are 8 possible reasons as to why that is—and how you can change them. Sex is an expressive form of communication, where people use their bodies and their minds in the most intimate ways possible. Read More….

The post Male Moaning Mystery: Why Most Guys Choose Not to Do It appeared first on Dating Scams 101.

View full post on Dating Scams 101

Venture ‘Into the Badlands’ With Daniel Wu: Martial Artist Battles Bad Guys in a Dystopian Future!

No American-made TV show — whether it’s produced by Netflix, the networks, cable or the premium channels — has come close to capturing the essence of Hong Kong cinema’s frenetic-paced, over-the-top, highly stylized martial arts action. Until now. I am, of course, raving about the outrageous and audacious martial arts action served up by the hit AMC series

The post Venture ‘Into the Badlands’ With Daniel Wu: Martial Artist Battles Bad Guys in a Dystopian Future! appeared first on Dating Scams 101.

View full post on Dating Scams 101

Hackers in ‘white hats’ join effort to thwart the bad guys

Source: National Cyber Security – Produced By Gregory Evans

Hackers in ‘white hats’ join effort to thwart the bad guys

High quality global journalism requires investment. Please share this article with others using the link below, do not cut & paste the article. See our Ts&Cs and Copyright Policy for more detail. Email ftsales.support@ft.com to buy additional rights. Commuters in the Israeli port city of Haifa fumed during a particularly tedious traffic jam two years ago, never guessing that the logjam was caused not by an accident or some other relatively customary event — but reportedly by cyber attack. It shut the city’s Carmel tunnel for eight hours, with the Associated Press later reporting a cyber attack, although the authorities never confirmed this. A hacker used a “Trojan horse” — a malicious computer programme — to shut down the security cameras monitoring the tunnel, the report said. High quality global journalism requires investment. Please share this article with others using the link below, do not cut & paste the article. See our Ts&Cs and Copyright Policy for more detail. Email ftsales.support@ft.com to buy additional rights. As transport networks — from cars to planes to trains — connect to the internet in hundreds of ways, hackers have found ways to disrupt the arteries of major cities. A single flaw in one […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Hackers in ‘white hats’ join effort to thwart the bad guys appeared first on National Cyber Security.

View full post on National Cyber Security

20 Sexy Things that Turn Guys On Every Single Time

Want to know how to get the guys drooling over you without even trying? Read on for the male perspective on turning guys on every time. It’s one thing to turn a guy on once he’s in the bedroom—after all, guys are pretty easy to please. Read More….

The post 20 Sexy Things that Turn Guys On Every Single Time appeared first on Dating Scams 101.

View full post on Dating Scams 101

22 Unintentional Girly Things You Do That Guys Love

What can you do to get noticed and make your guy go gaga? Apparently, not a lot. Here are 22 unintentional girly things girls do that drive guys wild. Trying to get a guy to notice you can be hella difficult, whether you’re single or in a relationship with one. Read More….

The post 22 Unintentional Girly Things You Do That Guys Love appeared first on Dating Scams 101.

View full post on Dating Scams 101