back to article Thanks for the memories... now pay up or else: Maze ransomware crew claims to have hacked SK hynix, leaks '5% of stolen files'

The Maze hacker gang claims it has infected computer memory maker SK hynix with ransomware and leaked some of the files it stole. The South Korean semiconductor giant could not be reached for comment. For what it's worth, the Maze crew doesn't tend to need to fib about these sort of things. When it claims to have infiltrated a …

  1. Chairman of the Bored Silver badge

    Tossers.

    That is all.

    1. cb7 Bronze badge

      Re: Tossers.

      Rich tossers.

      And getting richer unless someone comes up with a foolproof way of defeating ransomware.

      With all the clever people in this world, I'm surprised it's taking this long.

      1. Andy Non Silver badge

        Re: Tossers.

        The problem is often the weakest link - unpatched software, poor passwords, insecure / badly configured servers, staff not trained against phishing emails or calls. Combine this with a poor backup regime and the hackers have got you by the balls.

        1. Snake Silver badge

          Recovery

          We all talk of good backups but that only gets you access back to your data, it doesn't mitigate, in the least, the leak of the possibly-sensitive documents that have occurred from the theft.

          It's easy to talk about hardening hardware, software and wetware but, especially in the wetware department, exactly how are you going to do that both productively and efficiently? Getting hundreds or thousands of humans on board regarding good operational practices, and maintaining those good practices across time, is known to be practically impossible - people will fall back to their old habits, especially if the new habits involve any additional level of labor on their part.

          So the best you can do is create automated systems (anti-malware, etc) in the hopes of keeping the users safe from their own actions. But this isn't foolproof - nothing is. Even hardening those servers, networks, firewalls, air gaps and backups. This stuff is still bound to happen unless, IMHO, we make the criminals pay so heavily, make these actions state-level crimes with penalties at the level of "You'll never see daylight again", that the scum think twice of even attempting it. And actually putting in the effort to enforce that threat.

          1. Andy Non Silver badge

            Re: Recovery

            "IMHO, we make the criminals pay so heavily, make these actions state-level crimes"

            In practice it would need to be a fully internationally recognised and punishable crime assuming the miscreants can even be identified. However I can't see European countries or the US etc getting any cooperation from China, Russia and North Korea to mention a few. From what I understand, North Korea actually has state sponsored units to steal international currency this way.

            I agree with you about the wetware. A family member sent his staff on a security / anti-phishing course and a week later one of them fell for the telephone scam call from "Microsoft". The excuse being the Microsoft is one of their clients, but they basically allowed the scammers full access to their servers! Considering this was a firm of financial advisors handling many millions of pounds in investments for their clients it was very much an oh-shit moment.

          2. NiceCuppaTea

            Re: Recovery

            We all talk of good backups but that only gets you access back to your data, it doesn't mitigate, in the least, the leak of the possibly-sensitive documents that have occurred from the theft.

            Encrypt your data at rest!

      2. Mike 137 Silver badge

        Re: Tossers.

        The fundamental problem is lack of robustness at the victim end. Ransomware (like any other attack that typically starts at the workstation) only gets to affect a corporation because it can spread internally. There are many controls that can in principle contribute to restricting its spread, but they're just not usually implemented.

        Most corporate networks are wide open: a hard-ish shell full of holes surrounding an ultra- soft centre.

        1. Anonymous Coward
          Anonymous Coward

          Re: Tossers.

          "There are many controls that can in principle contribute to restricting its spread, but they're just not usually implemented."

          And any such controls can still be defeated by an adversary with enough skill and patience. I mean, to be able to exfiltrate that much data and not get noticed somewhere along the way speaks of at least some level of sophistication, such as pwning the backup process to do three things at once: exfiltrate the data by redirecting it from whatever offsite server it's supposed to go to Maze's clutches, conceal the exfiltration by disguising it as traffic for the offsite backup, and removing the easiest means of restoring the data without paying by taking away the actual backup.

      3. LDS Silver badge

        foolproof way of defeating ransomware

        Kill the cryptocurrencies.... making them useless game coins.

      4. Cuddles Silver badge

        Re: Tossers.

        "With all the clever people in this world, I'm surprised it's taking this long."

        Modern humans have been around for something like 100,000 years*, and we have yet to come up with a way of avoiding fools. The fact that computers are involved in this case doesn't change anything. No amount of clever people can stop fools being fools, and as long as a system allows humans to be involved in it those fools will find a way to be foolish.

        *Slightly off topic, but estimates vary from around 50,000 to 300,000 years, and there's plenty of evidence of a decent level of intelligence existing long before that, presumably with fools to go along with it.

        1. Symon Silver badge
          Paris Hilton

          Re: Tossers.

          re:-'presumably with fools to go along with it'

          "Think of how stupid the average person is, and realize half of them are stupider than that." -> George Carlin.

          https://youtu.be/8rh6qqsmxNs

  2. This post has been deleted by a moderator

    1. This post has been deleted by a moderator

  3. RM Myers Silver badge
    Unhappy

    Make It Illegal to Pay

    The more this happens and more financially lucrative it becomes, the more convincing the argument for making it a crime to pay ransomware becomes. I would probably also make it a crime to pay the criminal not to release stolen data. I just don't see any other practical way to make a major dent in this racket - there are just too many businesses, governments, etc who are potential victims.

    I realize this may not be a perfect solution, and would require many countries to change their laws, but I just don't see a good alternative which is likely to happen.

    1. Charles 9 Silver badge
      Stop

      Re: Make It Illegal to Pay

      Anything that requires a lot of countries to change their laws is a non-starter. Especially if one or more of those necessary countries are currently hostile to the West; to them, it becomes a boon instead of a bane.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020