720-891-1663
Return to list of client alerts
The RansomedVC cybercrime group claims that they hacked Sony.
“We won’t ransom them”, they say, “We will sell the data due to Sony not wanting to pay. Data is for sale.”
It appears that the hackers stole source code associated with Sony’s Creators Cloud media production source code.
While not as bad as the last big hack when they stole multiple movies before they were released in the theatre, losing your source code is a big deal.
While hacker’s claims can be exaggerated, they claim to have stolen data rom Jenkins, SVN, SonarQube and Creator Cloud development systems.
As companies get better both about making sure that they are backing up all important systems and that those backups are secure, many of them are choosing not to pay the ransom. For example, even though Caesars decided to pay the ransom, MGM did not and they were able to recover thousands of systems in a few days.
Hackers know that the old days of encrypting data to get a ransom are over. At least for the smart companies. Many companies, especially smaller ones and those in the public sector (like the city of Dallas recently) do not have their cybersecurity acts together and do pay the ransom.
But that doesn’t mean they are quitting the game, just shifting to the side a little bit.
The data that you have is valuable and saleable. Hackers figure out what your crown jewels might be – whether it is software or information – or even your clients’ intellectual property. The MOVEit hackers have stolen tens of millions of records from a couple of thousand companies. Do you think they can make money selling that? Yes they can.
Dealing with ransomware is hard. You have to buy it and make sure you have keys to it and then, if the victim pays the ransom, you have to decrypt the data. Why not just steal it and sell it on the black market. Way easier, less overhead and probably more profitable. Credit: Metacurity
Are you prepared to stop hackers from stealing your crown jewels? Are you sure? If you would like us to review your plans and make recommendations, please contact us.