Holding Documents Hostage Doubles As Nice PR Stunt
from the not-so-surprising dept
This story by the Associated Press seems bound to get a lot of attention, but you have to wonder if it's really that well deserved. Some company apparently had some documents "held hostage" by a malicious hacker. Somehow, the hacker got onto their system, accessed their documents, and then locked them up by encrypting them. Along with it, he left an email address and a note demanding $200. It makes for a good story (how long until it appears as a storyline on a TV show or a movie?), but it doesn't seem like that big a deal. First, it seems like an obvious next step for a malicious scammer who has accessed local documents. If anything, it's surprising this hasn't happened before. In fact, it probably has, but the AP didn't find out about it. Second, if you protect your system and back up your data, this seems unlikely to be a problem. Still, now that it's getting attention, based on one case (where the data was easily retrieved anyway) we're bound to see more stories about it. Of course, the source of the story is (surprise, surprise) a security firm that is probably thrilled with the publicity. Oh right, that's how PR works -- especially among security companies. You make your name by getting the press to write about some little-known, low risk security situation that sounds scary, and make sure your firm's name is plastered all over the story.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
My sarcasm filter wasn't sure
"...if you protect your system and back up your data, this seems unlikely to be a problem."
You sounded serious, but I laughed my ass off at that. That's fine for you and me, but an automated worm that did this would be a major problem for people who don't have their systems properly protected to begin with -- see the problem? Those people, most people probably, won't have decent backups either.
I agree this is FUD hype mostly for now. I'm more worried that as it gets plenty of press it will be self-fulfilling, if it gives people ideas for a 'better' virus mousetrap. But if this were unleashed on a large scale, the need to route the money somehow would likely be the authors' downfall.
[ link to this | view in chronology ]
Silly news story, but...
"More often than not, when your machine has been the victim of a cracker's attack, the best solution is to completely reinstall the operating system, being sure to apply all relevant patches to the machine... I have many times been asked if a complete reinstall is absolutely necessary. The short and simple answer is "yes". Once a machine has been compromised, there is virtually no way to know everything that a cracker did..."
How to Get Back to Business
[ link to this | view in chronology ]