Press "Enter" to skip to content

Vegas doesn’t pay out this time – what does it mean?

From Business Insider: “Last month, Las Vegas’ largest public school district announced that a hacker compromised some of its files using ransomware and was holding the files hostage while demanding a ransom payment.

Now, a hacker has published files containing students’ grades and personal information after school district officials refused to pay the ransom.

And while we’re covering ransomware, Universal Health Services, one of the largest healthcare providers in the US, has been hit by a ransomware attack, leveraging the known Ryuk ransomware.       A notable quote from the story:

“It is sad to see that despite hackers’ claims to stop healthcare cyber-attacks during COVID-19 crisis, such attacks still take place”, said a VP of product management for an IT security firm.  

Why do we care?

The reason we care is the quote from the threat analyst interviewed:

“Ransomware attacks happen for one reason, and one reason only: they’re profitable,” Callow told Business Insider. “The only way way to stop them is to make them unprofitable, and that means organizations must stop paying ransoms.”

That is the key takeaway today.    Position yourself and your customers with that goal in mind – you won’t pay.    You want to be in a position so you don’t HAVE to pay, and that’s why the protections matter.

You should assume it will happen, and you want to ensure you minimize any damage and don’t have to pay.  The other portion of this is make it so hard for them to monetize to minimize the exposure, because the criminals are proving they will follow through on the threats, and extortion-ware is likely the next escalation.  

My continued push for zero-trust as the approach is because of exactly this – if you minimize the surface area and the access allowed, you minimize what can be released.      

I also must comment on that quote – you are bemoaning that those who are violating laws and holding hostages aren’t keeping their word?   I didn’t name the individual because it’s frankly ridiculous – and to be in cybersecurity and act this way is irresponsible.      I’m not surprised one bit the criminals behaved this way – and if this is the reaction, no wonder we’re losing.