News AMD Purportedly Targeted by RansomHouse Extortion Group, 450Gb of Data Stolen

twocows360

Distinguished
Dec 9, 2013
7
3
18,515
It won't happen, but if governments just made it illegal to pay the ransom (and gave those laws teeth), ransomware would largely go away. It exists because people will pay; make it scarier to pay than not to pay and most hacking groups won't find it worth the effort.
 

King_V

Illustrious
Ambassador
It won't happen, but if governments just made it illegal to pay the ransom (and gave those laws teeth), ransomware would largely go away. It exists because people will pay; make it scarier to pay than not to pay and most hacking groups won't find it worth the effort.

I don't know if it's quite that simple. What's to stop them from selling the information? I mean, even if EVERY country somehow made it illegal to pay the ransom, and, of course, illegal to buy stolen goods, it's pretty obvious that there are a number of governments and/or corporations who are quite willing to buy stolen data.

I mean, it's quite obvious that companies are quite willing to break the law in any number of ways, betting that they either won't get caught, or if they do, the penalty will be so small that it was worth breaking the law.
 
I don't know if it's quite that simple. What's to stop them from selling the information? I mean, even if EVERY country somehow made it illegal to pay the ransom, and, of course, illegal to buy stolen goods, it's pretty obvious that there are a number of governments and/or corporations who are quite willing to buy stolen data.

I mean, it's quite obvious that companies are quite willing to break the law in any number of ways, betting that they either won't get caught, or if they do, the penalty will be so small that it was worth breaking the law.

While I agree with you about it never being that simple, you "NEVER EVER PAY THE EXTORTIONISTS" Give a mouse a cookie...
 
  • Like
Reactions: artk2219

funguseater

Distinguished
It won't happen, but if governments just made it illegal to pay the ransom (and gave those laws teeth), ransomware would largely go away. It exists because people will pay; make it scarier to pay than not to pay and most hacking groups won't find it worth the effort.

Wait, you mean make it illegal like extorting companies for ransom. Thats not working out so well.
 

twocows360

Distinguished
Dec 9, 2013
7
3
18,515
Wait, you mean make it illegal like extorting companies for ransom. Thats not working out so well.
Only because it's harder to punish the people doing the extortion.

Make it illegal and punishable with a fine that hits harder than the ransom would. And if you don't think that's fair to the would-be victim, consider that money going to ransomware extortionists often ends up in places like North Korea or in the hands of mobsters and despots, in the hands of human traffickers, etc. There's a substantial public benefit involved with making sure ransoms aren't paid even without getting into the effect on the ransomware industry it would have if nobody paid ransoms.
 
  • Like
Reactions: prtskg

Kamen Rider Blade

Distinguished
Dec 2, 2013
1,280
810
20,060
Only because it's harder to punish the people doing the extortion.

Make it illegal and punishable with a fine that hits harder than the ransom would. And if you don't think that's fair to the would-be victim, consider that money going to ransomware extortionists often ends up in places like North Korea or in the hands of mobsters and despots, in the hands of human traffickers, etc. There's a substantial public benefit involved with making sure ransoms aren't paid even without getting into the effect on the ransomware industry it would have if nobody paid ransoms.
I concur, ransoms shouldn't ever be paid.

Legally prohibiting it is what matters.
 

Giroro

Splendid
Only because it's harder to punish the people doing the extortion.

Make it illegal and punishable with a fine that hits harder than the ransom would. And if you don't think that's fair to the would-be victim, consider that money going to ransomware extortionists often ends up in places like North Korea or in the hands of mobsters and despots, in the hands of human traffickers, etc. There's a substantial public benefit involved with making sure ransoms aren't paid even without getting into the effect on the ransomware industry it would have if nobody paid ransoms.

So your plan is to punish victims for reporting a crime? I'm not so sure that would have the intended results. Even if you were able to fully educate the population about the laws (laws are only a deterrent when people actually know about them), I'm reasonably sure that would just turn "don't pay the ransom" into "don't get caught paying the ransom".

It would be a lot more effective to teach people to value their privacy and security, reinforce legal privacy protections and codify the idea that personal data is personal property that is constantly being stolen, and to frankly just teach people how to use their computers and how to interact in a connected world.
Lesson #1: Just because something is written in your native language does not mean that it is true, nor does it mean that it was written by somebody who has your best interests in mind.

Of course, a company like AMD should be leading by example. They're protecting crucial IP, valued at billions of dollars. That's a bit more valuable than your average person's photo collection and bank password.
 

domih

Reputable
Jan 31, 2020
187
170
4,760
The RansomHouse extortion group claims to have 450Gb of stolen AMD data and is charging an unknown ransom.

AMD Purportedly Targeted by RansomHouse Extortion Group, 450Gb of Data Stolen : Read more

From the article: "...The group claims that AMD used simple passwords like 'password' to protect its networks, leading to the breach..."

Damn, I did not see that one coming o_O

facepalm-head.jpg
 

Math Geek

Titan
Ambassador
if they are dumb enough to have super secret stuff accessible from the web, they deserve whatever happens to it.

i can't imagine 450 gb is just hr files on employees. there has to be some juicy stuff included in that much data.
 

edzieba

Distinguished
Jul 13, 2016
423
413
19,060
It won't happen, but if governments just made it illegal to pay the ransom (and gave those laws teeth), ransomware would largely go away. It exists because people will pay; make it scarier to pay than not to pay and most hacking groups won't find it worth the effort.
Just as making it illegal to sell or resell stolen goods ended theft?
 
  • Like
Reactions: King_V

shawnlau

Prominent
Feb 23, 2021
20
4
515
So is Ransom House going to start bootlegging Radeon cards? AMD price is hinged to some basements boys bragging? What are they going to do with it? This just stinks of a stock spoof. Like the affluent goverments won't be able to identify the proprietary technology and seize the bootlegs. Like some dark web boy steals Space X data and is going to build a rocket ship?
 
Last edited:

USAFRet

Titan
Moderator
You can't make it "illegal" to pay the ransom. Especially across every country on the planet.

Even just among the 3 or 4 major players.
If Russia or China or US or India made it "illegal", the other ones would not do that, just because.

Heck...Russia would fund a group like that to mess with everyone else, just because...
 
  • Like
Reactions: King_V