720-891-1663

AI, Alerts, Best Practices, Breach

You Can’t Trust Cyber Crooks – DUH!

Leave a comment

It was always difficult to separate fact from fiction when it came to breach information. Too many players had their own agendas to know what was real.

Now there is another player in the room and it is FEAR, UNCERTAINTY AND DOUBT.

Over the past four months alone, the press, social media accounts, and some researchers have reported several high-profile incidents that turned out to be false or at least far different from what they initially seemed.

A supposed breach of 48 million records from Europcar back in January was, according to the company, a fiction made up by AI.

In February, the ransomware group LockBit supposedly did the Phoenix thing and resurrected itself from the ashes after law enforcement swooped in. The claimed they were going to release a bucket of data from the Fulton County (Georgia) hack. That never happened. Likely it was a stunt to try and get the ransom even though they did not have the data.

Also in February, a likely lone hacker claimed that they hacked gaming giant Epic and stole nearly 200 Gig of data. They also claimed they hacked Ireland’s Department of Finance. Finally, they admitted that they are just crooks trying to steal a buck.

In April a hacking group called DoD (having nothing to do with the Defense Department) claimed they hacked the EPA and stole data including a contact list of critical infrastructure organizations. It turns out that data was public.

Also in April, a group posted data on its dark web site about the sale of four terabytes of data they claim was stolen from Change Healthcare. Probably not.

All of this is designed to scare organizations into paying and paying quickly.

It is surprising that we can’t trust what criminals tell us, right? You’re surprised about that. Hopefully, NOT!

Likely a part of the reason we are seeing more made up garbage is that law enforcement is being much more effective than it was even just a few years ago and more organizations are not paying the ransoms, ChangeHealth not withstanding.

Infighting among the groups themselves (like in the ChangeHealth attack were one hacking group stole the ransom and did not share like it was supposed to) doesn’t help either.

Of course, we can’t ignore the effects of social media and online so-called news in spreading information way too quickly with no verification. That is not only a problem with cyber attacks, of course.

So, the question becomes, what should you do if you are attacked.

The answer is not always simple or clean, but if you need help, please contact us.

Credit: CSO Online

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2024 CyberCecurity, All rights reserved. Privacy Policy