Why Does Hacking Persist – It’s Simple

People often ask me how come the hackers seem to be winning in spite of the seeming endless spend on cybersecurity, security training and law enforcement.

Let me give you a couple of recent news items and see if you can figure it out.

• Auto Dealer software vendor CDK is reported to have paid hackers $25 million, according to The Truth About Cars after their systems were crippled for weeks by a ransomware attack. Dealers were reported to have lost close to a billion dollars due to the multiweek outage.
• AT&T is reported to have paid hackers nearly $400,000, according to Metacurity, a true bargain for AT&T. The data would have been very useful for hackers conducting phishing attacks.
• ChainAnalysis, a blockchain analytics firm, reported that ransomware payments exceeded $1 billion in 2023, a new record.
• Change Healthcare disclosed that it paid a $22 million ransom earlier this year, according to Security Intelligence, after a month long outage that crippled the healthcare industry. Some reports say that they paid the ransom twice due to a dispute among the hackers, potentially making that a $44 million payday. They did not get their data back after the payment.
• The hotel chain Caesars paid out $15 million in ransom, according to CNBC, after they were hit by a ransomware attack. Their competitor, MGM, did not pay and they were down for a much longer time.
• The University of California San Francisco paid a $1 million+ ransom, according to IT Governance, after a month long standoff.
• Travelex, the global currency exchange service, is reported to have paid a $2.3 million ransom, according to IT Governance. They initially said the attack would not have a material affect on the company. A few months later they filed for the British equivalent of bankruptcy.
• Brenntag, the global chemical distribution firm, is reported to have paid a $4.4 million ransom.
• Colonial Pipeline paid a $4.4 million ransom after they were attacked, but the FBI hacked the hackers and is reported to have gotten at least some of the money back.

These are just a few of the hundreds and hundreds of news items. This, of course, does not count the multitude of incidents that don’t even make the news.

Do you see any common denominator here?

Bank robber Willie Sutton is attributed to a lot of quotes including:

• I rob banks because that’s where the money is
• Go where the money is…and go there often
• You can get more with a kind word and a gun than you can get with just a kind word
• It is a rather pleasant experience to be alone in a bank at night

Bottom line is that hackers continue to launch ransomware attacks because it is highly lucrative.

What is missing here is the secondary effect of ransomware.

For those companies that don’t pay to get their data back, the hackers make billions of dollars from either selling the data or from using it themselves to exploit the victims whose only mistake was being in the wrong place at the wrong time. If you were a Change Health customer’s customer (the second and third tier effect) you had no way of knowing that your data would be sold and you would have to deal with the effects.

Until we figure out a way to stop turning hackers, including state sponsored hackers from places like China and North Korea into multi-millionaires overnight, this problem is not going away.

Of course, you should always assume that these crooks are honorable and will do whatever they say they will or won’t do after you make them a millionaire.

Bottom line, it is way better to reinforce your security than have to deal with the aftermath of an attack.

If you need help, please contact us.

by