Cyber security seems a tough field especially when unknown companies like CDK crash an industry.
Should companies give into terrorists - ie pay the ransom?
My workplace - local govt - says they will not pay. Our IT director has said for several years this is what keeps her up at night. We go through so many security trainings and have strict protocol for everything. If you even think you might have done something, you’re supposed to immediately shut your computer down and unplug it from the wall and network and it will likely get wiped.
But if it does happen, the protocol to bring everything up is scary. Basically everyone except emergency personal is locked out of the building. And emergency personal must do everything by paper until they tear everything down and slowly bring it up. And I believe the process was supposed to take weeks.
I am so paranoid. I do not want to be the one that brings it down!!!
3 Likes
Funny at my work, we get this spam sent to us. Sometimes it looks real.
We have a button “check for phishing” in outlook at work. If you are concerned you press that.
I do a lot. Sometimes it says it’s internal, sometimes marketing but sometimes it says you passed our test. They send dummy emails.
But with thousand is employees I always think someone is going to get beat.
Like you, I’m fearful that it will be me.
4 Likes
We have that too. I’ve gotten several bad ones over the years. And anything that comes from an external email gets a big banner slapped onto the top letting you know, in case they spoof someone’s email.
They also send out those test emails. Fortunately I’ve passed each time!
But with a couple thousand employees it does feel like it’s inevitable that something will happen someday.
2 Likes
Getting back to the topic. Pay a ransom…or not. What guarantee does anyone have that once a ransom has been paid, that the issue will be resolved? None.
1 Like
I surmise you’d be in the clear if you paid because if you paid and they still held you hostage, future people won’t. They will be hacking others. So they have to be honest in this sense.
I wish the governments could track these people down. I mean you are paying to someone. But for all we know these can be government directed.
If you are CDK and own more than half the industry, if you don’t pay and this goes on and on, then you lose to the other two competitors. Customers can’t afford to wait although integrating a new provider is a challenge all its own. So your livelihood is at stake.
But those competitor’s know they can be targeted too so they can’t be outright capitalistic in this case.
It’s crazy this continues to happen. Even when companies invest in cyber security although I don’t know to what level CDK has.
One day i hope we can chase these people down. The employment of many (hundreds of thousands) is impacted.
We are this world power and yet our citizens are routinely being hurt by foreign cyber powers.
That’s what’s so scarey about cyber attacks. You can make them happen from thousands of miles away, and they’re very difficult to track down.
1 Like
I know two companies that paid. So sad.
Occupationally I’m in Finance but I support our IT group (pay for their stuff). We do the spoof testing of spam as well.
A side impact of some of this that is rarely talked about is that for the company that does get hacked, even when they’re able to bring their systems back up - the other companies they connect to and interface with are very hesitant to re-establish those connections.
Airgap technologies can help mitigate total corruption of data but a company would still be starting from scratch to wipe servers, reload software, configure, etc. For any major company that’s going to take months.
1 Like
Even once/if you track them down there’s often not much you can do. US Military isn’t going to invade China because some hackers there ransomed some US corporation. Trace the money through some banks and maybe sanction any bank that services the criminals… not sure what other options there would be.
You’re absolutely right - but I think the history on these has generally been that once the ransom is paid they DO release the system. If it was more likely than not that the cybercriminals wouldn’t release the system no company would ever pay - sort of self defeating on their part.
You’d hope the governments where these folks are operating from would go after them but they might be complicit.
2 Likes
I think it’s less about the government being complicit, and more about the government being under-resourced, controlled by the military, with no checks and balances, a judiciary which is fearful of death threats/kidnapping, and no continuity in the managerial/administrative ranks. These countries often have well meaning, fragile governments but the real power is either with the military or a group of oligarchs who control the wealth/natural resources.
Just something to think about as we head into another election cycle. Protecting our democracy is no easy task.
Oh I thought it was the Russians and Hungarians or other Eastern European autocrats:) they don’t place nice.
I have been told by somebody in the know that when her company was hit the FBI instructed them to pay, so they did.
1 Like
I’ve read that with ransomware if you want your stuff back. Terrible.
CVS and their coupon network paid a huge ransom. Their system was hacked and coupons weren’t working. The pharmacist said it just guarantees next ransom will be higher!
1 Like
All for coupons. Saved a few trees. When u check out at cvs they print the longest coupons!!
This was pharmacy coupons and that’s a major issue for patients. It was a national hack and nay have been other pharmacies too.
You can buy ransomware insurance. Can’t imagine it’s cheap and guessing that they do a deep dive into the companies security HW/SW/Protocols when determining the coverage.
This topic was automatically closed 180 days after the last reply. If you’d like to reply, please flag the thread for moderator attention.