Is this the answer to the ransomeware scourge? Go after the "banks"?
What about the elephant in the room -- IT security? What IT security?
Have a look at After ransomware attack, company finds 650+ breached credentials from NEW Cooperative CEO, employees:
* The password "chicken1" was common among the company's 120 employees and was used over 10 times.
Kahn added that the firm's CEO Brent Bunte appeared to have the second highest number of instances of breached credentials while other current executives also had passwords that had been leaked.
* We saw that the Colonial Pipeline breach was ultimately a result of a bad password
The US Government's strategy of going after the hackers, affiliates and their "banks" without acknowledging that the bigger problem is actually the victim's poor response(s) to IT security is not going to fix this.
Not only did the victims shot-themselves-in-the-foot by having very poor IT security, they also made sure their critical systems were exposed to the internet. It was a perfect storm and self-inflicted injury packed in one neat box. Ready for the
We kept making jokes among ourselves about "admin/password" but, in reality, it is way more common and very widespread.
There are many instances that the hacks could've/would've been avoided if someone actually took simple IT security seriously.