Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Crime Security

Paying Hacker Extortion 412

An anonymous reader writes "A friend works as CIO at a medium sized publicly traded company. The company was contacted by a hacking group and told to pay $100,000 to prevent their company from being hacked/attacked. They actually paid the extortion (told authorities after). The authorities said the company could be charged with supporting Terrorists. Seeing that most publicly known hacks are costing companies this size nearly a million dollars, Is this supporting terrorists or supporting stockholders?"
This discussion has been archived. No new comments can be posted.

Paying Hacker Extortion

Comments Filter:
  • And now (Score:4, Insightful)

    by The MAZZTer ( 911996 ) <<megazzt> <at> <>> on Tuesday June 21, 2011 @04:40PM (#36519272) Homepage
    They'll just be hacked anyway.
  • Short answer (Score:2, Insightful)

    by Volante3192 ( 953645 ) on Tuesday June 21, 2011 @04:40PM (#36519280)

    Is this supporting terrorists or supporting stockholders?

    One in the same...

  • Here's a thought (Score:5, Insightful)

    by Dunbal ( 464142 ) * on Tuesday June 21, 2011 @04:42PM (#36519316)
    How about hiring someone who actually has some idea about security. THAT is supporting stockholders.
  • Re:And now (Score:5, Insightful)

    by odin84gk ( 1162545 ) on Tuesday June 21, 2011 @04:43PM (#36519336)

    They will get asked for money on a yearly basis.

  • by Jaime2 ( 824950 ) on Tuesday June 21, 2011 @04:44PM (#36519366)
    Paying ransom is almost always a bad idea for the community as a whole. The authorities are simply trying to make the company do the right thing instead of the selfish thing. The biggest problem with security is that the incentives are rarely aligned with the responsibilities; this is a classic case of re-aligning those by pushing the societal cost back to the people who are in a position to make the decision.
  • by copponex ( 13876 ) on Tuesday June 21, 2011 @04:45PM (#36519374) Homepage

    With the savings your friend could hire some real security experts to keep their systems online.

    As for the terrorism bit, it makes me wonder when we can sue members of Reagan Administration for arming the proto-Taliban, Saddam Hussein, and Iran. Clinton and Obama owe us a few bucks for Pakistan too, when they inevitably start arming terrorist in the near future. What's good for the goose is good for the gander, right?

  • by Anonymous Coward on Tuesday June 21, 2011 @04:45PM (#36519388)

    The same way that people have been transferring money illegally for decades: wire transfers to Caribbean banks with strict privacy laws and lax banking regulations.

  • Neither (Score:4, Insightful)

    by Rary ( 566291 ) on Tuesday June 21, 2011 @04:46PM (#36519398)

    Is this supporting terrorists or supporting stockholders?

    "Supporting terrorists" is a stupid description, and the idiot who said that needs a kick in the teeth. However, also stupid was paying these jackasses. Take every precaution you can, get the authorities involved as a backup, maybe even alert your shareholders to the threat, but do not pay extortionist script kiddies.

  • by interkin3tic ( 1469267 ) on Tuesday June 21, 2011 @04:55PM (#36519558)
    It does seem like $100k spent on security would have longer benefits than one payoff. For that matter, maybe a $100k insurance policy would be a better investment.
  • by Anonymous Coward on Tuesday June 21, 2011 @04:55PM (#36519560)

    The authorities are simply trying to make the company do the right thing instead of the selfish thing.

    And threatening them with a crime is always a good way to encourage them to talk to the cops next time, because I'm sure the cops would have put that right at the top of their todo list before the money had traded hands.


  • Re:And now (Score:4, Insightful)

    by jmorris42 ( 1458 ) * <> on Tuesday June 21, 2011 @04:56PM (#36519578)

    > They will get asked for money on a yearly basis.

    Which is why you never pay Danegeld. It never gets rid of the Dane.

    Trillions for defense, not a penny in tribute is the only long term strategy for dealing with aggression. And these threats are aggression and weakness in the face of aggression always invites fresh demands. We should be tracking down these 'hacking' groups with the same vigor we go after other organized crime and terrorism. If that means dropping a Hellfire missile down on a few houses in countries where the local authorities won't take this stuff serious I'm not going to lose sleep over it. Can we bomb the spammer/phishers too while we are at it?

  • by melikamp ( 631205 ) on Tuesday June 21, 2011 @04:59PM (#36519622) Homepage Journal
    This is utter BS. I bet it was the execs themselves who stole the money, probably long before they were "contacted by hackers". If it looks and smells like The Big Lebowski...
  • Re:False dichotomy (Score:3, Insightful)

    by Hatta ( 162192 ) on Tuesday June 21, 2011 @05:03PM (#36519688) Journal

    That's the whole point of "terrorism". You can label anything terrorism, and all of a sudden none of the old rules apply.

  • Re:And now (Score:3, Insightful)

    by MaxBooger ( 1877454 ) on Tuesday June 21, 2011 @05:07PM (#36519748)
    Oh... I didn't realize this was an article on norton/mccafee antivirus.
  • Re:everyone loses (Score:2, Insightful)

    by Anonymous Coward on Tuesday June 21, 2011 @05:16PM (#36519888)

    the united states invading iraq and afghanistan would also be considered terrorism in some circles

  • Re:everyone loses (Score:5, Insightful)

    by houghi ( 78078 ) on Tuesday June 21, 2011 @05:29PM (#36520020)

    No, it doesn't. Even IF the money would go to Al Qaida itself, the act would have nothing to do with terrorism. It is blackmail.

    Do not confuse one crime with another. Copyright infringement is not theft. Blackmail is not terrorism.

  • Re:everyone loses (Score:1, Insightful)

    by Noelnonymous Coward ( 1725914 ) on Tuesday June 21, 2011 @05:32PM (#36520066)
    By paying taxes, you're supporting somebody's terrorists. Cue flames.
  • Re:everyone loses (Score:5, Insightful)

    by pclminion ( 145572 ) on Tuesday June 21, 2011 @05:41PM (#36520208)

    Quit diluting the meaning of the word "terror." Terror is fearing you might be blown into bloody pieces while standing in line at a sandwich shop. Terror is fearing your elementary school kid will die a fiery death in an exploding school bus. Terror is wondering whether the building you work in is going to be on the receiving end of a trans-continental jet liner moving 500 MPH. These things are terrifying.

    We already have words for the sort of thing the article is talking about: extortion, blackmail, etc.

  • Re:Short answer (Score:4, Insightful)

    by Volante3192 ( 953645 ) on Tuesday June 21, 2011 @05:49PM (#36520336)

    do you have a 401K or a pension? You're likely a shareholder of something.

    Nope. Basically, I'm fucked come retirement...assuming I don't kill myself with cirrhosis first. I've made peace with that though.

  • Re:And now (Score:5, Insightful)

    by dcollins ( 135727 ) on Tuesday June 21, 2011 @06:02PM (#36520560) Homepage

    He already said he wants to pay trillions. He preemptively out-crazied you by more than 6 orders of magnitude.

  • Re:And now (Score:2, Insightful)

    by jmorris42 ( 1458 ) * <> on Tuesday June 21, 2011 @06:31PM (#36521010)

    > Sounds great, until the news media hears about how somebody said "Fuck YOU!"
    > to those who demand random in e.g. Somalia (Real pirates there) and people get
    > actually killed because of it.

    Better to spend ten times the demand on mercenaries and attempt a rescue than pay ransom. Better still if to develop a reputation for disproportional reprisals.

    I.e. Do something like what the (possibly apocryphal story) Russians did in the M.E. back in the 80's when some of the fools wearing a diaper on their empty noggin didn't understand the difference between the US and the Soviet Union and kidnapped one of their people. Russian intelligence hunted down a relative of the leader of the terror group and mailed the terrorists the guy's nuts in a jar. Hostage was promptly released and the lesson was learned. Russians were not to be held for ransom.

    In the case of Somalia, if America still had a spine we would just tell the pirates the US Navy would be hunting them at sea on general principle but that if they were ever stupid enough to touch an American flag vessel or anyone bearing US papers that we would hurt them so bad they would be screaming "war crime" in Geneva. As in sink everything that looked like it COULD float, knock down any and every building that might possibly be related to the pirates, etc. on a first offense. If the warlords still didn't take the hint and police themselves go in on the ground and kill anyone armed on a second offense. Make a proper example once and the problem never recurs.

  • Re:everyone loses (Score:3, Insightful)

    by twidarkling ( 1537077 ) on Tuesday June 21, 2011 @07:08PM (#36521442)

    I'm sorry, but that's a retarded response. Even if I think the reaction to 9/11 was overblown, hacking a company is a completely different scale than wide-spread physical destruction and loss of life. To try and equate them means you're not an individual who should ever be included in a rational discussion about proportional response or morality. If I had to guess, I'd say you're probably one of the "nuke 'em all and fuck sorting them out" types, right?

  • Re:everyone loses (Score:5, Insightful)

    by digitig ( 1056110 ) on Tuesday June 21, 2011 @07:08PM (#36521450)
    I think the response of the victims of the 9/11 attacks would likely have been terror. I've been working in a place where the IT department was dealing with a cracking attack, and nobody was screaming or throwing themselves from windows.

You can measure a programmer's perspective by noting his attitude on the continuing viability of FORTRAN. -- Alan Perlis