Washington, United States | In March 2020, Tillamook County, Oregon, agreed to pay 000 300,000 to retrieve hacked data from hackers. Like the victims of hackers, she was willing to give up the ransom demand, with some experts advising against it.
“We no longer have a telephone, internet or computer system,” said Bill Bertlin, head of the countryside, which has 26,000 residents near Portland during an online seminar.
Authorities are investigating whether the system can be unlocked without payment, but “we decided it could probably not be done,” he said.
Negotiations with the hackers, which he said belonged to Russia, lasted for several weeks and with the help of a computer security firm the city eventually paid.
“We think it only happens to others. It happened to us and it can happen to anyone,” he commented.
In total, the case would have cost Tillamook 25 525,000, including legal fees and commissions, but it would have cost less than a million to replicate the entire system, which, according to the operation, would have been between one and two years, Bertlin said.
Four months later, the University of Utah is paying nearly 60,460,000 to retrieve its students and staff data that was encrypted by hackers, despite the “risk” that cybercriminals would “not follow contract terms.”
To bring pressure on their victim, hackers sometimes leak some part of the data.
The same thing happened to Washington police after a cybercriminal group targeted the Babuk attack, which seized the administrative and personal files of police officers in the American capital.
A police spokesman confirmed that cyber hackers on Tuesday released encrypted files of 20 officers.
“Negotiations are at a standstill, the amount given to us is not enough for us,” the group said in a message, threatening to expose all stolen files with their decoding key.
According to special media, they are associated with psychological assessments, professional interviews, social security numbers, addresses and telephone numbers of agents or their electronic signatures. Data that can be used by other cybercriminals.
Other attacks, such as critical infrastructure, have economic consequences.
The hack of Colonial Pipeline, the operator of a major pipeline system in the United States, ceased operations last week and tens of thousands of motorists rushed to gas stations in fear. On the east coast, gasoline shortages occurred in many areas.
Colonial Pipeline announced on Wednesday that it had “begun” a resumption of operations in its pipeline. However it takes “many days” to return to normal.
In the wake of this big new attack, US President Joe Biden on Wednesday signed an executive order to improve cyber security in the United States.
The presidential decree is intended to appoint companies to communicate in the event of computer violations. It also seeks to establish cybersecurity standards for government and federal agencies and to establish a national cybersecurity office.
Anne Newberger, a White House senior cybersecurity adviser, said Monday that businesses should consider the cost-benefit ratio.
Federal police and some experts are advising against paying the ransom.
“It encourages criminals to target new victims and encourages other people to commit these types of illegal activities,” the FBI, which is dedicated to data theft, said on its Web page.
According to the Danish computer security firm Heimdall, half of the hack victims did not recover their data. And, even if they recover, there is no guarantee that they will not be resold on the “dark web” already.
Finally, for American companies, paying the ransom may be illegal in some cases, Heimdall believes.
In October 2020, the Treasury Department of Foreign Assets Regulatory Office (OFAC) reported that companies that paid a ransom could go through an intermediary, such as an insurance company, and be investigated and fined. Washington sanctions.