back to article We're now truly in the era of ransomware as pure extortion without the encryption

US and European cops, prosecutors, and NGOs recently convened a two-day workshop in the Hague to discuss how to respond to the growing scourge of ransomware. "Only by working together with key law enforcement and prosecutorial partners in the EU can we effectively combat the threat that ransomware poses to our society," said …

  1. amanfromMars 1 Silver badge

    Of Saints and Sinners, Future Angels and Current Daemons will there be No Guilty Trace

    What is the problem, and who has it, whenever certain secrets are too expensive to keep and liable to 0day export/import for remote customer clients/agencies tapping into fail-safe secure ransomware-on-demand honey pots from impossible to encrypt to preserve federal reserve type vaults/pan national treasuries ‽ .

    Private Mercenary/Public Piracy Trends are Valid Viable Valuable Going Concerns Not To Be Trifled With. Take Care Out There. IT’s an Almightily Mined Mind Field not Programmed either for or with Prisoner Wastrels/Dead Wood/Nodding Donkeys/Wannabe Tsars and Cardboard Caesars/Renegade Rogues and Jolly Rogering Misfits.

    And a Postmodern Eton Mess .... Just Desserts for a Self Chosen Few ‽ Hmmm? Now there's a Ponder to Wonder on and Decide to Declassify as Errant Nonsense rather than ..... well, take your pick ..... Confirm and Classify Top Secret Convenient or Inconvenient Fact :-)

    1. Youngone Silver badge

      Re: Of Saints and Sinners, Future Angels and Current Daemons will there be No Guilty Trace

      Postmodern Eton Mess .... Just Desserts for a Self Chosen Few

      I like it. In fact I'm going to steal it.

    2. sitta_europea

      Re: Of Saints and Sinners, Future Angels and Current Daemons will there be No Guilty Trace

      Is there a way on this site to hide/ignore all the posts from a certain individual?

      1. amanfromMars 1 Silver badge
        Thumb Up

        Re: Of Saints and Sinners, Future Angels and Current Daemons will there be No Guilty Trace

        Is there a way on this site to hide/ignore all the posts from a certain individual? ... sitta_europea

        No, so there be no need to worry yourself about that abortion of an application/facility/utility, sitta_europea. Your posts are imperfectly safe and secure here on El Reg.

  2. druck Silver badge
    Stop

    Kill the cryto, stop the scam

    Some of these thieves offer discounted ransoms to corporations to encourage them to pay sooner, with the demanded payment getting larger the longer it takes to cough up the cash (or Bitcoin, as the case may be).

    Bitcoin (or other crypto currency) in every case - if they could only accept payment in cash or via the banking system, their economic model would disappear over night. Cash requires presence in the country of the victim, and while there are ways to make money vanish in the banking system, it is very much harder to do, particularly if your country is cut off from the electronic payment systems.

    1. amanfromMars 1 Silver badge

      Re: Kill the cryto, stop the scam

      Cash requires presence in the country of the victim, and while there are ways to make money vanish in the banking system, it is very much harder to do, particularly if your country is cut off from the electronic payment systems. .... druck

      :-) ROFL ... A vanishing act all too easily done and recognised by more than just the current Dishy Rishi chancellor and the Comical Conservative Cabinet Cabaret team, druck, and particularly so if your country is dependent upon electronic payment systems.

      Thank goodness for the Magic Money Tree for without it they would be well and truly shafted, wouldn’t they? And then where would you also be?

      Scams don’t need crypto whenever blessed by the blind love of ignorant and arrogant idiots. Stopping that seeding feed though is a killer operation which just keeps on giving and is proving itself impossible to be stopped.

    2. anthonyhegedus Silver badge

      Re: Kill the cryto, stop the scam

      Exactly. Crypto is like a really sophisticated gambling system, predicated on a 'resource' of literally no value whatsoever, but whose scarcity is artificially created by spewing carbon into the atmosphere and literally ruining the planet. It has one compelling use case apart from the gambling: scamming (and general criminal activity).

      1. Dimmer

        Re: Kill the cryto, stop the scam

        If you want to get rid of Cryptos, come up with a solution it is attempting to solve. Anytime a government wants to pay for a war, social program or just line them or their friends pockets, they print money. In the states, we lost 30% of our savings, income and retirement in the last year because of the printing presses.

        Money has 2 variables, what it's value to you and the total quantity out there.

        In bitcoin the quantity is fixed, leaving the value up to you.

        In dollars the quantity is unlimited and you have no control over that, leaving only what it is worth to you.

        A good example is the latest "gun" bill Biden signed. I recommend everyone read it. (if you can get your hands on the actual bill). I read the draft. It is not what either party represents it as. It is all about millions of dollars going to orgs that I have never heard of. I have no confidence that it will help anyone is supposed to help.

  3. Ian Johnston Silver badge

    You know what should be a crime? Any use of the word "exfiltrate".

    1. Giles C Silver badge

      Well exfiltrate actually means to remove someone furtively from a hostile area. I.e. it is opposite of infiltrate.

      Not really stealing information or encrypting it.

      1. doublelayer Silver badge

        Yes, as in transferring data from an environment that does not want data transferred except through known channels. If people called it stealing, someone would be in there to say that the organization still has it and the attacker only has a copy, thus it's not theft. So what word do you want for "transfer out, circumventing protections intended to prevent that"? It doesn't have to be exfiltrate, but it's a concept people want to talk about, so a word is going to be chosen.

        1. amanfromMars 1 Silver badge

          Surely .... ?

          There is a present viable word for such a thrifty theft-less transference and express exfiltration of sensitive data through other than known proprietary information channels, doublelayer, with the resultant targeted product for subsequent onward future delivery being subtly tweaked and more finely performance tuned in the export process to render it a novel improved and quite wholly different informative model data stream.

          One describes the data as being “cloned”. And because the purged Information and parged intel is changed and improved, is the notion that any existing prior data has been stolen and presented by an attacker clearly errant nonsense and a misdirection/enfeebling distraction.

          1. Anonymous Coward
            Anonymous Coward

            Re: Surely .... ?

            Crimecloned

          2. yetanotheraoc Silver badge

            Re: Surely .... ?

            "There is a present viable word for such a thrifty theft-less transference and express exfiltration of sensitive data ..."

            You used _exfiltration_. If you hadn't, would anyone have known what you meant when you used _cloned_ ?

            Actually, I think exfiltration is a fine word for this scenario. Unambiguous, because it isn't used often otherwise. Precise, so not a typical buzzword. Close enough to the dictionary definition that even if you hear it for the first time, you can guess at the contextual meaning.

    2. Youngone Silver badge

      You know what should be a crime? Any use of the word "exfiltrate".

      I agree. When I am installed as Grand Emperor of the Galaxy, anyone using that term unironically will be forced to wash my car on Saturday morning.

      Yes, I will be ruthless and brutal. You have been warned.

  4. Binraider Silver badge

    The thing is with an extortion type-scam as opposed to crippleware; who's to say they won't threaten release again and demand payment twice. Or more?

    The one thing you can count on is the unchecked greed of these operations. And not even a backup is a defense.

    When will our govs wake up and ban the facilitators of such activity? (Cryptocurrency, certain OS features,etc )

    1. Doctor Syntax Silver badge

      Paying to not have the data released depends on trusting the honesty of criminals. That's a very unrealistic concept. Indeed, who's to say (other than someone you intrinsically can't trust) that anything of commercial value hasn't already been sold on?

  5. Dinanziame Silver badge
    Paris Hilton

    I thought bitcoins could be traced? At least there's been cases where criminals got caught after many transactions meant to launder their gains.

  6. Anonymous Coward
    Anonymous Coward

    But they may not regain customers' trust if they aren't transparent about what happened

    Well, I think "customer's trust" doesn't matter anymore, because customers already know that 'all' businesses lie and fuck up, so they'll be screwed wherever they go, and nobody keeps tabs on whether your utility company, mobile phone supplier, bank, supermarket, etc, etc - lied, or came clean. This is, I believe, akin to politics. You have top politicians, including country leaders, who are liars (on top of a bunch of other stinking characteristics), and I don't mean just Boris Johnson, there are plenty others, across Europe and elsewhere. They have been exposed, it's all public, their voters know about it, but they look around and it appears that the 'competition' are as bad, only - perhaps - their lies are less blatant because they haven't been in the limelight YET.

    With constanst flood of information about this leak and that breach, and constant droll of how businesses 'take security extremely seriously', customers just shrug and carry on, they already lost. The only difference between politics and business is that - technically - business is liable, but that also heavily depends on how the rules are drawn and how they are enforced (which, ironically, goes back to politics). And, arguably, as politicans can weather the storm, business can and do it too. Look at all the fines, have they had any _genuine_ and long-lasting effect on this or that business, other than, yet another press release that they agreed to pay the fine without accepting liability, or have long turned the corner and introduced even more robust systems', etc, etc. Fines are calculated as business expenses rather than a red flag for potential structural weakness.

    1. amanfromMars 1 Silver badge

      Re: But they may not regain customers' trust if they aren't transparent about what happened

      Talking of Harry Limelighting Lies as we here are, Anonymous Coward ..... Is the following tale a damnable lie, and something which the West and its parody of leaders are desperate to not have the oxygen of publicity because it would so obviously highlight their guilt and complicity in a continuing saga of monumental crimes against humanities and Eastward facing communities ........ https://www.zerohedge.com/geopolitical/explosive-report-confirms-expansive-cia-stealth-network-spies-commandos-inside-ukraine ...... or is it in novel IT and energising AI circles, a most inconvenient of deepening truths which to counter and deny has one clearly identified as an ignorant and arrogant mortal enemy of enlightened states ..... and person of interest to secret and security forces?

  7. Anonymous Coward
    Anonymous Coward

    Novel idea - tightly limit access to truly private/damaging data

    I know it seems like a new concept, but it sure sounds like properly siloing data would stop a lot of this - just because you got into the main corporate network doesn't mean you have access to anything sensitive or damaging. Don't store any more data than you strictly need to, and keep anything sensitive behind additional safeguards, accessible to only a very few people.

  8. Anonymous Coward
    Anonymous Coward

    <joke> Does their marketing include online ads containing trackers?

    Any chance we can get ahold of those trackers and hit both the seller and buyer before they can use the tools? </joke>

    A pity the answer is undoubtedly no; it would finally be a legitimate use for ad-based tracking.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022