Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Businesses Security

Colonial Pipeline CEO Tells Why He Paid Hackers a $4.4 Million Ransom (wsj.com) 160

The operator of the Colonial Pipeline learned it was in trouble at daybreak on May 7, when an employee found a ransom note from hackers on a control-room computer. By that night, the company's chief executive came to a difficult conclusion: He had to pay. From a report: Joseph Blount, CEO of Colonial Pipeline, told The Wall Street Journal that he authorized the ransom payment of $4.4 million because executives were unsure how badly the cyberattack had breached its systems or how long it would take to bring the pipeline back. Mr. Blount acknowledged publicly for the first time that the company had paid the ransom, saying it was an option he felt he had to exercise, given the stakes involved in a shutdown of such critical energy infrastructure. The Colonial Pipeline provides roughly 45% of the fuel for the East Coast, according to the company. "I know that's a highly controversial decision," Mr. Blount said in his first public remarks since the crippling hack. "I didn't make it lightly. I will admit that I wasn't comfortable seeing money go out the door to people like this. But it was the right thing to do for the country," he added.

[...] Mr. Blount said Colonial paid the ransom in consultation with experts who had previously dealt with the criminal organization behind the attacks. He and others involved declined to detail who assisted in those negotiations. Colonial said it has cyber insurance, but declined to provide details on ransomware-related coverage. In return for the payment, made in the form of bitcoin, about 75 in all, according to a person familiar with the matter, the company received a decryption tool to unlock the systems hackers penetrated. While it proved to be of some use, it was ultimately not enough to immediately restore the pipeline's systems, the person said.

This discussion has been archived. No new comments can be posted.

Colonial Pipeline CEO Tells Why He Paid Hackers a $4.4 Million Ransom

Comments Filter:
  • by memory_register ( 6248354 ) on Wednesday May 19, 2021 @12:38PM (#61400634)
    Bitcoin is down 20%, so I guess it's now a $3.5m ransom!
    • Re: (Score:2, Informative)

      by bjwest ( 14070 )

      Bitcoin is down 20%, so I guess it's now a $3.5m ransom!

      Nope, it was $4.4M when they bought it, they don't get a refund just because the price dropped.

  • by flyingfsck ( 986395 ) on Wednesday May 19, 2021 @12:42PM (#61400644)
    Ultimately, it is no use crying over spilt milk, but I hope they spend some money on proper security systems from now on. It is usually also a good idea to configure all routers properly to partition the company network into VLANs and contain future problems to network segments.
    • ...when an employee found a ransom note from hackers on a control-room computer.

      Did I read this wrong?

      To me, this sounds like the employee came in and found a physical note, on paper sitting on the computer, indicating that there was an intruder (or inside person) that had physical access to machine(s) there.

      Was this the case?

      If so, it isn't just cyber security that is their problem.

      • by Fworg64 ( 6172828 ) on Wednesday May 19, 2021 @01:17PM (#61400812)
        "The files are _in_ the computer!.."
      • by geekmux ( 1040042 ) on Wednesday May 19, 2021 @01:19PM (#61400824)

        ...when an employee found a ransom note from hackers on a control-room computer.

        Did I read this wrong?

        To me, this sounds like the employee came in and found a physical note, on paper sitting on the computer, indicating that there was an intruder (or inside person) that had physical access to machine(s) there.

        Was this the case?

        If so, it isn't just cyber security that is their problem.

        The only "case" to solve here, is why clickbait sensationalist reporting, continues to be acceptable.

        The "ransom note" found "on" a computer, is textbook ransomware. I highly doubt there was a *physical* note sitting on a computer. If hackers have *that* kind of access, the pipeline would probably still be down. Why half-ass an attack like that when you can whole-ass it with direct physical access.

        • Why would the pipeline still be down? These guys are in it for the money. Part of the reason they got paid is that, according to TFS, others had paid them in the past and received their decryption keys. The goal wasn't to shut down the pipeline, the goal was to get paid.
          • Why would the pipeline still be down? These guys are in it for the money. Part of the reason they got paid is that, according to TFS, others had paid them in the past and received their decryption keys. The goal wasn't to shut down the pipeline, the goal was to get paid.

            Yeah. Exactly.

            Think holding the eastern fucking seaboard, ransom, is worth a bit more than a measly $5 million? If you're brave enough to brag with physical access, you're likely strong enough to not half-ass the attack.

            $5 million would have turned into the daily ransom in two weeks. Just to keep the rioting down to only losing one or two major cities.

      • I assume they basically left Notepad (assuming it's Windows, which it probably is) open on the desktop, and had typed the message there.

        • I assume they basically left Notepad (assuming it's Windows, which it probably is) open on the desktop, and had typed the message there.

          Ok.

          The article was a bit ambiguous to me...sounded like a note laying ON the computer...if they'd said a note was displayed on the computer, etc.

          • Yeah, I agree it was ambiguously worded (and we could still find out that your interpretation was right).

            Also, the story has changed over time - originally they'd indicated it wasn't the operational computer, but they were just worried about them. Now it appears Darkside actually did get into their vital infrastructure.

            • by neoRUR ( 674398 )

              The Hackers could have used a connected printer to print out the message a few times.

    • *V*LANS are of no help when you find the message in your control room. You need to assume the firmware of the switches has been compromised.

      For something like a pipeline a bi-directional serial link might be ok, but a highly secured network would only use a broadcast serial network to send data to the MIS network. It gets very complicated though when you can’t have direct network access.

    • They had backups (Score:5, Informative)

      by Solandri ( 704621 ) on Wednesday May 19, 2021 @01:39PM (#61400890)
      In fact from what I understand, the operational network (which actually controlled the pipeline) was unaffected. The ransomware only hit their administrative network. They didn't have confidence that they could keep it contained to their administrative network, so they shut everything down.

      They were restoring from backups, but it was progressing slowly enough that they felt it would be faster to pay the ransom (insert disclaimer about how people who pay the ransom frequently find out the decryption process is often slower than restoring backups, or doesn't work at all). Because the operational network had been shut down as a precaution, they couldn't turn it back on until they were confident they'd eliminated any malware from their administrative network.

      The whole thing points to insufficient thought put into their network segmentation. Normally you'd set it up so if the two networks have access to each other, it's only through a few chokepoints (there are performance reasons for doing this, not just security). And all they would've had to do is sever those chokepoints to guarantee nothing on the administrative network could reach the operations network. Apparently they couldn't do this with confidence, so had to shut both networks down.
    • They probably have no idea what equipment they even have in use, let alone a comprehensive backup strategy.
    • Well more to the point, why was one company so influential to the infrastructure?
      A companies goal is to make money. To maximize the money they make they try to minimize expenses. (They are cheap) Running your operation cheaply, often creates little to no buffer for problems or mistakes. So when one does happen to hit the snag, it becomes a big problem hurting many people.

      Either force and keep competition in areas so if something happens to a single company it isn't as bad, or have the government control

      • by ceoyoyo ( 59147 )

        Pipelines work much better if they're big. It's a frequently under appreciated problem with fuel-based energy: long vulnerable supply chains that only work efficiently at large scale.

    • I hope they spend some money on proper security systems from now on.

      Never give up but realistically I don't think airtight security for vast enterprises is going to happen. I know I'm going to get shot for saying this in here but I think the ability to make payments anonymously is a problem. I don't think government should routinely monitor everything but the capability to do investigations and rollbacks when necessary is a good thing, and the existence of means to move millions of dollars untraceably

    • and they do monthly backup to zipfile on their "D:" drive so they were thinking they had things under control. Besides, they just get to raise rates if things go south and so they make their money back. They probably waited long enough before paying the ransom and getting things running, albeit slowly, so that prices were high enough to maximize profits from the cock-up.

      They don't really run Windows 95 any more.

      LoB
    • I hope they spend some money on proper security systems from now on

      They will, only if it's cheaper than paying the ransom.

      • Let's face it: they'll probably get government subsidies for shoring up their security, on top of the subsidies they already get and which more than likely paid for the ransom in the first place.
  • so (Score:5, Insightful)

    by fulldecent ( 598482 ) on Wednesday May 19, 2021 @12:44PM (#61400652) Homepage

    So... they funded terrorism?

    • Re:so (Score:5, Funny)

      by crow ( 16139 ) on Wednesday May 19, 2021 @12:55PM (#61400708) Homepage Journal

      It's an oil company.

    • Re:so (Score:5, Insightful)

      by Joey Vegetables ( 686525 ) on Wednesday May 19, 2021 @01:16PM (#61400804) Journal

      Kind of, though not entirely unlike the little defenseless village that was invaded by terrorists and given the choice of "support us, or die."

      The difference is that no company should be without adequate defenses against ransomware and other forms of cyber-terrorism. And certainly not a company that represents a substantial and irreplaceable part of the infrastructure that keeps all of us alive.

      Let's hope they learn their lesson, and also are held accountable for (a) helping to fund this criminal organization, albeit arguably more because of negligence rather than intent; and (b) getting their sh*t together so this doesn't happen again.

      • not entirely unlike the little defenseless village that was invaded by terrorists and given the choice of "support us, or die."

        Not exactly. Reports are that the intrusion did not affect actual pipeline operations, just billing systems. So the option wasn't really equivalent to "or die".

      • I remember when that happened! Luckily we have ways of surgically projecting force [youtu.be] in those circumstances.
    • Comment removed (Score:5, Insightful)

      by account_deleted ( 4530225 ) on Wednesday May 19, 2021 @01:17PM (#61400806)
      Comment removed based on user account deletion
      • After reading this FBI testimony, it seems like they intermingle terrorism and criminal acts involving property quite a bit. They definitely use the term violence when defining the word "terrorism", but doesn't seem solely wrt bodily harm:

        https://archives.fbi.gov/archi... [fbi.gov]

        For example:
        "Domestic terrorism is the unlawful use, or threatened use, of violence by a group or individual based and operating entirely within the United States (or its territories) without foreign direction, committed against persons or

        • by ceoyoyo ( 59147 )

          The key part of the definition of terrorism is "furtherance of political or social objectives." Shutting down a pipeline and not allowing it to be started up again until Taco Tuesday is enshrined in law is terrorism. Shutting down a pipeline randomly to demonstrate how vulnerable the dirty capitalist pigs are is terrorism. Shutting one down so you can make some dough to buy a sweet mansion and some hookers in Eastern Europe is not.

  • by PseudoThink ( 576121 ) on Wednesday May 19, 2021 @12:46PM (#61400656)
    This article spins some serious bullshit.
    • Doh, wish I had saved my mod points! Good point.

      However, you never know how deep the rabbit hole goes once you have been owned.

    • by sound+vision ( 884283 ) on Wednesday May 19, 2021 @01:03PM (#61400744) Journal

      It says they had "cyber insurance." Not sure if this counts as a cyber or not. (Back in my day a cyber was a textual role-playing session where you pull out your wand and wizard hat.)

      I was thinking along the lines of insurance fraud, but you could very well pull a fraud here without even using insurance:

      1. Purposefully run without sufficient security.
      2. Coordinate with the "hackers" to let them know how to steal just the right data for the next step.
      3. "Oh no! We've been cybered! Now the east coast doesn't have gasoline! We have to pay them 4 million, national security!"
      4. Hackers split the 4 million with the guy who let them into the network.

      Step 1 won't even seem that weird to anyone. We all know bad security is everywhere, so it becomes "Well... just another Cyber grabbing your Cryptos. Happens every day."

      • by v1 ( 525388 ) on Wednesday May 19, 2021 @01:48PM (#61400926) Homepage Journal

        You usually can't GET cyber-insurance without having your insurnace co come and audit your system and maybe install some tools of their own.

        When there's THAT much money on the line, the insurance company will ALWAYS want to make sure your'e making reasonable efforts to avoid loss in the first place. Try keeping your fire insurance while not passing the chief's fire inspections.

      • by SirSlud ( 67381 )

        Ah yes the "the whole thing was a scam, it's so simple" theory that some numnuts is always compelled to trot out.

        Yet it totally ignores a couple of dozen reasons why that's ridiculously unlikely to be the case because invariably the people suggesting this malarkey are only capable of picturing anything outside of their own direct lives as a montage from Ocean's 11.

    • by rootrot ( 103518 )

      Indeed. Points for spin...interesting meta issue.

    • by Anonymous Coward on Wednesday May 19, 2021 @01:17PM (#61400810)

      This article spins some serious bullshit.

      Yes. This entire story is bullshit.

      The operation of the pipeline was not shut down by ransomware. The ransonware was in the billing system. **THE COMPANY** shut down the pipeline because they were worried that they wouldn't be able to bill their customers.

  • I'm a little disturbed by this line: "While it proved to be of some use, it [paying the ransom] was ultimately not enough to immediately restore the pipeline's systems,"

    Wait, they paid the random, and that wasn't enough to get them back online?? Paying ransom doesn't work?

    • And AFAIK paying ransom for this kind of situation doesn't ensure that there aren't little Easter Eggs sprinkled all over the place, dormant for now. If the cybersecurity team didn't catch the first attack, how do they even know what their system has?

      • by Nehmo ( 757404 )

        And AFAIK paying ransom for this kind of situation doesn't ensure that there aren't little Easter Eggs sprinkled all over the place, dormant for now. If the cybersecurity team didn't catch the first attack, how do they even know what their system has?

        The group or person who did it is reading this thread, I'm sure. So, sending a message to them is easy.

    • by prisoner-of-enigma ( 535770 ) on Wednesday May 19, 2021 @01:02PM (#61400734) Homepage

      I'm a little disturbed by this line: "While it proved to be of some use, it [paying the ransom] was ultimately not enough to immediately restore the pipeline's systems,"

      Wait, they paid the random, and that wasn't enough to get them back online?? Paying ransom doesn't work?

      From other news sources, I gather the decryption tool provided by the hackers worked but was very slow. Ultimately Colonial used a combination of restoring from backups, wiping and rebuilding, and the decryption tool to get everything back up and running.

    • by BrainJunkie ( 6219718 ) on Wednesday May 19, 2021 @01:03PM (#61400738)
      I read an article last week that had a comment from Colonial that the decryption tool was slower than their own recovery efforts, which I assume was restoring from backups.
      • I read an article last week that had a comment from Colonial that the decryption tool was slower than their own recovery efforts, which I assume was restoring from backups.

        I believe this is the accurate assessment, but if you want to know what is slow here, perhaps talk to a certain CEO that made the decision to pay, and THEN realized how fucking worthless (and now dangerous) that decision, really was.

        Then perhaps we could talk to the "experts" from the government advising him.

      • Makes sense if you think about it. Read a block, decrypt, write back to the same device, versus reading from external backup device, writing to primary device.

        If you had a particularly slow backup storage or pipe to the restore target and fast primary storage, the situation could reverse though where decrypting in place would be faster. I doubt anyone has a strong idea which is faster until they go through that scenario.

        Also, nobody on the outside knows what their backup coverage actually is ... was, and

    • Wait a minute. Hold the bus here.

      Are we saying that criminal organizations are untrustworthy and we shouldn't take them at their word to follow through on promises?

      What has this world come to? Where are my pearls and fainting couch?

  • Because after reviewing our technology position, we discovered we were still using Windows 95. We could not get the PC manufacturer, or Microsoft support, to take our call.
  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Wednesday May 19, 2021 @12:52PM (#61400696)
    Comment removed based on user account deletion
    • by prisoner-of-enigma ( 535770 ) on Wednesday May 19, 2021 @01:04PM (#61400748) Homepage

      He paid the ransom because he refused to pay for prevention and preparation.

      The scary part of this statement is, assuming the attackers keep the ransom relatively low, it may actually be cheaper (by beancounter standards) to pay a ransom than pay for effective cybersecurity.

    • Well, I hope it comes directly from the CEO's pay. Incompetent leadership needs to hurt.
    • He paid the ransom because he refused to pay for prevention and preparation.

      Do you have anything to support this accusation?

      I know how the armchair quarterbacks, like yourself, are invincible experts. But, A proper ransomware attack is extremely hard to defend against. Especially in a large company.

      Besides that, it seems that they did have defenses, backups, and a recovery plan. Simply their RTO took longer than expected or desired. According to all publish sources that I have seen, he paid the ransom to try to speed up recovery. It turned out that it did not speed it up adequately

  • by BeerFartMoron ( 624900 ) on Wednesday May 19, 2021 @01:04PM (#61400756)

    Colonial Pipeline Has Been a Lucrative Cash Cow for Many Years [bloomberg.com]

    "Over the past decade, Colonial has distributed nearly all its profits, sometimes more, in the form of dividends. In 2018, for example, it paid nearly $670 million to its owners, even more than the $467 million net income. Last year, it returned to investors over 90% of its $421.6 million in profits."

    And it also sounds like they don't invest in maintenance.

    "Meanwhile, its aging pipelines have suffered a series of accidents. Last August, a segment of a conduit was interrupted for almost a week after more than 28,000 barrels of gasoline spilled for days in a North Carolina nature preserve, discovered by two teenagers riding all-terrain vehicles. That was caused by a failure in a sleeve repair installed 16 years earlier. In March, a federal regulator said similar threats exist throughout the system and the continued operation without corrective measures “would pose a pipeline integrity risk to public safety, property, or the environment.” Three other spills due to cracks have been reported since 2015. In September 2016, a line was shut for 12 days, cutting supplies to millions of customers. Two months later, a fatal blast nearby led to another interruption. 'Colonial’s inability to effectively detect and respond to such releases has potentially exacerbated the impacts of numerous releases over the operational history of Colonial’s entire pipeline system,' Pipeline and Hazardous Materials Safety Administration said in a notice of proposed safety order sent to Colonial Chief Executive Officer Joseph Blount."

    • by notsouseful ( 6407080 ) on Wednesday May 19, 2021 @02:26PM (#61401078)
      Hey guys, remember this post next time you see one of those memes on social media with a flipped semi hauling a tank which has spilled on the road, saying how much safer things would be if there was just a pipe for it. It's a huge temptation to ridiculously rich people to get even more ridiculously rich by delaying maintenance, whether you fly planes, operate a nuclear plant, or manage an oil pipeline. Regulation is always bad... until there's a problem. This is your problem. Vote for people that actually want government to be competent at what it needs to do, please.
  • Parasites. I hope every single one of those "experts" is being investigated for possible collusion with the attackers right now. Make paying ransoms illegal. Do not negotiate with terrorists. Do not FUND terrorists!
  • HORESHIT. (Score:5, Insightful)

    by Gravis Zero ( 934156 ) on Wednesday May 19, 2021 @01:17PM (#61400808)

    "I didn't make it lightly. I will admit that I wasn't comfortable seeing money go out the door to people like this. But it was the right thing to do for the country,"

    This is a load of shit like no other. The reason they shut down the pipeline is because they couldn't keep track of billing. They could have just let the pumping continue and just take the monetary hit until they restored their systems but they decided money was more important.

    Little more infuriates me like false patriotism, especially when it's in the name of greed.

    • by dargaud ( 518470 )
      Yeah, that's shameful bullshit. Paying for ransomware should be highly illegal, with a fine at least double what you paid the ransomware. If you get hit, you swallow your pride, restart from backups (you got backups, right?), try and recover lost time and improve your cybersecurity. You DO NOT FUND TERRORISM. If you don't have backups, going bankrupt is a perfectly fine alternative.
    • "I didn't make it lightly. I will admit that I wasn't comfortable seeing money go out the door to people like this. But it was the right thing to do for the country,"

      This is a load of shit like no other. The reason they shut down the pipeline is because they couldn't keep track of billing. They could have just let the pumping continue and just take the monetary hit until they restored their systems but they decided money was more important.

      Little more infuriates me like false patriotism, especially when it's in the name of greed.

      While I certainly don't doubt the validity of your claim here, for some reason I'm thinking the pressure of crippling the eastern fucking seaboard of the US just might have had a little influence on that decision too. The CEO probably wanted to get the US Government out of his asshole at some point.

      Besides, IMHO, there's a larger turd on top of your theory. This whole thing stinks like a three-letter fundraiser.

      Gas prices are back up damn near overnight and right before COVID hits its magical expiration da

  • by Jerrry ( 43027 ) on Wednesday May 19, 2021 @01:27PM (#61400846)

    If I was that CEO I wouldn't have paid a ransom--I would have used that $4.4M to hire a team of operators to locate and take out the perpetrators.

    The criminal gang is likely in Russia, and I'm sure the CEO could have found some retired Spetsnaz types to do the dirty work.

    • by Njovich ( 553857 )

      How would you figure out who did it? Hire a psychic? Interrogate every Russian? Crack TOR?

      • by dargaud ( 518470 )
        Yeah, I wish. When looking at those Hollywood action movies with pro assassins, I always wondered where they find all those targets that we never hear about in the real word. But now I know that if there was a gofundme to hire an assassin to take out ransomware creators, I'd for sure shell out a good amount, even though I've never be hit by them. WTF is the CIA or James Bond doing ?!?
    • by Mitreya ( 579078 )

      I would have used that $4.4M to hire a team of operators to locate and take out the perpetrators.

      How would killing the perpetrators solve the ransomware problem?
      Unless that team of operators also tortures the perpetrators for the unlock instructions?

  • Ahh, the end of The Sum of All Fears and the conspirators' denoument.

    One can always dream.

  • FIRE THE CEO, and use their salary to fix the mess and upgrade company security. That they paid should be considered funding terrorism and should lose his job anyway while in jail.
  • What did they get for their 4.4 million? A promise from the hackers not to do it again?
    • What did they get for their 4.4 million? A promise from the hackers not to do it again?

      I heard the giggling from the other end was so bad even TCP was struggling to keep a handshake going.

  • The Colonial Pipeline provides roughly 45% of the fuel for the East Coast, according to the company.

    Why would one company have such a stranglehold? I know pipelines are a hotpoint, but one company should not have that outsized impact on roughly a quarter of the nation. That's just begging for a disaster.
    • one company should not have that outsized impact on roughly a quarter of the nation. That's just begging for a disaster.

      I wish I was kidding, the answer is they had a really good lobbyist.

  • It goes to prove how neglected infrastructure is in the US.
  • "Mr. Blount acknowledged publicly for the first time that the company had paid the ransom, saying it was an option he felt he had to exercise..." ...thereby ensuring that cybercriminals will continue to plague other companies, and his in the future.

    Governments should make a law that is "no cyber ransoms shall be paid". The result would be some chaos, followed by these corporations putting measures in place to ensure it won't happen again. I doubt that such a thing is realistic. Just saying.

    • Governments should make a law that is "no cyber ransoms shall be paid". The result would be some chaos, followed by these corporations putting measures in place to ensure it won't happen again. I doubt that such a thing is realistic. Just saying.

      No, it's not realistic. Because the Government themselves would have paid the damn ransom within two weeks. Just to avoid another city burning.

      Doesn't matter who you are in the food chain. No one, has the luxury of sitting on the sidelines of a 45% fuel supply problem.

      • Doesn't matter who you are in the food chain. No one, has the luxury of sitting on the sidelines of a 45% fuel supply problem.

        That's what separates us from monkeys. Our ability to think past the immediate. Today it's a 5 day shutdown. Tomorrow it's a terrorist-sponsored total destruction of the system.

  • He just can't grasp that the entire situation was his fault. I get the impression the only thing he's good at is becoming a CEO of an organization too big to fail.

    Time to break up this monopoly. Shareholder value be damned. Consumers matter more.
  • > Mr. Blount acknowledged publicly for the first time that the company had paid the ransom, saying it was an option he felt he had to exercise, given the stakes involved in a shutdown of such critical energy infrastructure This is such a rotten take. They in no way needed to shut down the pipeline. They only did so because their precious billing system was down. With better federal regulation on situations like this, they should have been legally required to keep it running.
  • 1) They are now a massive target for further attacks since everyone knows they will pay up.

    2) It didn't even really help bring the pipeline up faster.

    3) All other critical infrastructure is now an equally larger target since we know the U.S. will pay up.

    4) (Bonus) since they also used the tool the hackers have them to partly fix the thing, isn't the entire system likely full of backdoors now so the group can come back in any time they like? A working, but compromised system is exactly what you'd expect a h

  • As someone on the IT security and legal side of things (lawyer with a CISSP and background in IT infra), I'm wondering how the various govt 3 letter acronyms will look at this from the perspective of OFAC: https://home.treasury.gov/syst... [treasury.gov]
    • As someone on the IT security and legal side of things (lawyer with a CISSP and background in IT infra), I'm wondering how the various govt 3 letter acronyms will look at this from the perspective of OFAC: https://home.treasury.gov/syst... [treasury.gov]

      Interesting read. Depending on who was on the receiving end of Darkside's "lost" funds, the matter may be ignored by 3 letter agencies. That said, one might measure the value of some kind of additional fine or worse because the problem was felt widespread enough to garner public support for such an action. For once, government would not look like the "bad guys" and instead be looking to protect and secure the lifesblood of a fossil-fueled country, and every citizen that depends on it. Sending a message

  • But sending 45% of an areas fuel through one pipeline seems like an enormously bad idea.

  • That is what he did. And he should go to prison for it.

  • the CEO and CTO still have their jobs. Guess the company does not mind complete incompetence.
  • Seriously once a machine has been compromised, is paying a ransom going to restore your faith in that machine being secure?

    I think the only people who would consider paying a ransom like this, are people with zero technical understanding of computer systems.

    We had such an attack in our company, we simply deleted the data affected or restored backups, not for a second did we consider paying it.

    We were infected because of the actions of a staff member I've been wanting sacked since the day I started. Most of

You are always doing something marginal when the boss drops by your desk.

Working...