News German charity refuses to comply with Bitcoin ransomware demand — hackers attempt to extort hunger-fighting group for over $2 million

[Admin]

A German hunger-fighting charity is on the hook for some $2 million after being extorted by cybercriminals.

German charity refuses to comply with Bitcoin ransomware demand — hackers attempt to extort hunger-fighting group for over $2 million : Read more

 

[Dr3ams]

For personal hardware, I recommend making images of your OS and data on an external drive. Only connect it to your computer to upgrade or install the image. If someone tries to extort you by bricking your system, just give them the finger, then format and load the saved image.

 

[jamminonline]

For personal hardware, I recommend making images of your OS and data on an external drive. Only connect it to your computer to upgrade or install the image. If someone tries to extort you by bricking your system, just give them the finger, then format and load the saved image.

So, that isn't really the issue with these ransomware attacks, they aren't typically concerned with individual machines. The issue is, they find their way into a privileged account, and have free roam of the major architecture of the organization, since most enterprise/business suites are cloud based now with things like 365, or Google Workspace, or Zoho etc. They'll do things like delete permissions, encrypt data, as well as steal it all. They will shut off access to critical business services like email, social media accounts, financial applications, client data etc. They make it so you cannot conduct business until you have managed to get your service providers to undo all the damage that has been done, which can still result in months of losses when they finally can roll back to a safe version.

Even if you reflash a workstation, it'll be locked out by your own security controls, and that workstation isn't even important in the grand scheme of things to begin with.

 

[USAFRet]

For personal hardware, I recommend making images of your OS and data on an external drive. Only connect it to your computer to upgrade or install the image. If someone tries to extort you by bricking your system, just give them the finger, then format and load the saved image.

Its not just personal hardware, corporate hardware as well.

 

[circadia]

The WHH, like all charities without exception, is a criminal organization operated by people who are more despicable and way more predatory than the ransomware hackers who, in this case, are doing good work.

okay, any proof that all charities in general are operated by those people?
and, surely there must be good ones as well?
if not, how do we help people in lesser conditions?

 

[Joomsy]

okay, any proof that all charities in general are operated by those people?
and, surely there must be good ones as well?
if not, how do we help people in lesser conditions?

Shhh, conspiracy theories require you to relinquish all critical thought. You're poopin' in the punch bowl.

Anyway, good on them for not paying. That's why RaaS exists to the degree that it does; companies willfully paying bad actors all to preserve their image. I share the sentiment that those who do pay should be met with some kind federal reprimand. If they didn't make it so lucrative, it wouldn't be so prevalent, and they're the core enabler of the business model. That's just capitalism 101, and you'd think corporations would understand that. But no, shareholder perception matters much more than the public's, even if it means a compromised company holds information that can be used to hurt the public. There's no honor amongst thieves, though, and absolutely nothing stops them from releasing a data horde regardless of payment.

 

[DS426]

3en88 said:
"The WHH, like all charities without exception, is a criminal organization operated by people who are more despicable and way more predatory than the ransomware hackers who, in this case, are doing good work."


ORLY? And what is the good work that the hackers are doing? If you are talking about finding and releasing evidence of fraud, abuse, etc. by one or more staffers, that might be considered a moral justification if it was posted online for free in order to hold those offenders accountable. Asking for $2 million or otherwise it'll be sold... that's just the usual financially-motivated e-crime system at work. Well they would "just" be thieves, but what are thieves that effectively rob from the poor and inflicted?

There are a lot of small charities where almost every penny directly benefits those in need. People that volunteer hours of their time every day at little or no pay to help someone else in need. Maybe you should volunteer your time doing something good rather than making statements of inverted morality.

 

[USAFRet]

OK...this has gone way too far out of bounds.

Thanks to all who contributed.
But, closing this.