Cyber attack

Wixqaz

Full Member
Joined
Mar 29, 2019
Messages
243
Supports
Celtic
As far as I know nobody has ever really gotten out of this kind of thing without actually paying up?
Yep I've not heard of people actually unencrypting the data. We've had cases with sites in the job I do and it's usually a restore from backup situation and wipe any infected machines. So it'll depend whats been effected and whether they have proper backups of the data.
 

peridigm

Full Member
Joined
Dec 3, 2011
Messages
13,780
As far as I know nobody has ever really gotten out of this kind of thing without actually paying up?
I'm in the IT industry and see it a lot. The first viruses that encrypted data happened about 8 years ago. Data was encrypted with no recourse if you didn't have a backup. Thanks to bitcoin and other non traceable payment methods, hackers figured out they could encypt data and demand a ransom. Most small businesses have some sort of backup in place, sadly many do not. So they either pay the reasonable small ransom, or loose their data. Now the threat actors are harvesting data, so if you decide not to pay up and restore from backup, they threaten to go public with said data. This raised the stakes since the data can be personally identifiable info or business and trade secrets. Ransom demands are also much higher if the criminals figure out who's data they encrypted. Its now illegal to pay cyber ransom in the US. I'm sure there may be exceptions but there is never any guarantee the criminals will release the decryption keys once you pay.
Baltimore City and Baltimore County schools were hit with ransomware this past week and are still shutdown. No data is completely safe anymore. I saw Kevin Mitnick hack a paypal account with MFA enabled live on stage at a conference last year.
 

decorativeed

Full Member
Joined
Oct 19, 2009
Messages
12,327
Location
Tameside
As far as I know nobody has ever really gotten out of this kind of thing without actually paying up?
Plenty have. Most places have a nightly backup of their files so that they don't lose more than a day's work. That's what happens at my work, and we've gotten over two ransomware attacks by just reverting to our backups. It just takes a while to do that.
 

Brophs

The One and Only
Joined
Nov 28, 2006
Messages
50,275
Plenty have. Most places have a nightly backup of their files so that they don't lose more than a day's work. That's what happens at my work, and we've gotten over two ransomware attacks by just reverting to our backups. It just takes a while to do that.
As mentioned above, it depends on what they've had access to etc. I do some work for a big Irish company and they were absolutely set on not paying or even engaging with the hackers until they were able to understand what they're had access to. In this case it was certain medical information and that changed the picture.
 

Plymouth Red

New Member
Joined
Sep 13, 2004
Messages
475
One of the club's biggest concerns will be the leaking of internal documents and correspondence.
This could range from player contracts and performance evaluations of our own squad or transfer targets to ill-worded emails inside the club about individuals or external parties, clubs, agents or the football authorities.
It's the threat of reputational damage that mostly makes businesses reach for the cheque book.
 

tenpoless

Full Member
Joined
Oct 20, 2014
Messages
16,176
Location
Fabinho's forehead
"we are not currently aware of any breach of personal data associated with our fans and customers .... however Phil Jones have been missing since the cyber attack"

He is as talented as anything that lad, if he doesnt fancy being a footballer anymore, I can see him becoming a hacker and move NASA's satelites using his phone.
 

Volumiza

The alright "V", B-Boy cypher cat
Joined
Jul 13, 2018
Messages
13,510
Location
Somewhere in the middle
As far as I know nobody has ever really gotten out of this kind of thing without actually paying up?
I work for a massive worldwide scientific company that spans food testing, forensics, beauty products, pharmaceuticals and agricultural products. Literally a massive company. We got attacked in 2019 and we ended up paying, it made international news and everything. Never found out how much but I bet it wasn’t cheap.
 

prateik

Full Member
Joined
Dec 14, 2005
Messages
42,151
If a business doesnt create backups every day they are pretty stupid. Its automated.. You dont really have to do much.. Just switch to the backup. lose a days worth of work.
 

Solius

¯\_(ツ)_/¯
Staff
Joined
Dec 31, 2007
Messages
86,290
If a business doesnt create backups every day they are pretty stupid. Its automated.. You dont really have to do much.. Just switch to the backup. lose a days worth of work.
Surely they know this and can do the same thing to the back up? Or at the very least block the system and prevent you from getting to the back-up?
 

Matt007a

Full Member
Joined
Jul 17, 2018
Messages
763
If a business doesnt create backups every day they are pretty stupid. Its automated.. You dont really have to do much.. Just switch to the backup. lose a days worth of work.
It's not quite that easy. The ransomware is likely installed on one of the PCs within the network because someone has opened a dodgy email attachment, so the minute you restore your backup it'll start encrypting your files again. They may have to disconnect every machine and re-install from scratch before restoring any data, which depending on the size of the network can be a mammoth task.

Obviously it's a serious issue and I hope no one's personal data is exposed or used. Unless of course they have dirt on the Glazier family so huge it would force them to sell up. Very doubtful.
 

slyadams

Full Member
Joined
Sep 20, 2012
Messages
2,189
The solution to ransomware is not just backups, but also block level encryption. That way, if you get hacked, you can restore, and the data is useless to the attackers.
 

SuperiorXI

Full Member
Joined
Jan 8, 2012
Messages
14,449
Location
Manchester, England
If a business doesnt create backups every day they are pretty stupid. Its automated.. You dont really have to do much.. Just switch to the backup. lose a days worth of work.
Maybe not, it's possible they could have sleeper-cell type viruses going back weeks/months?
 

Champ

Refuses to acknowledge existence of Ukraine
Joined
Jun 17, 2017
Messages
9,888
As far as I know nobody has ever really gotten out of this kind of thing without actually paying up?
The company I work for got hacked by ransomware by Anonymous - basically encrypted all of our files and demanded a lot of money to restore the files.

We though we could be smart and just run from a backup, this then got encrypted also.

We ended up creating a whole new server and rebuilding our network essentially from scratch based on the backups we had, that was way cheaper than paying the ransom,
 

Zlatattack

New Member
Joined
Feb 9, 2017
Messages
7,374
If a business doesnt create backups every day they are pretty stupid. Its automated.. You dont really have to do much.. Just switch to the backup. lose a days worth of work.
Yep. So simple - anyone not doing it ought considered negligent.
 

NJM78

New Member
Joined
Feb 26, 2014
Messages
6,345
Location
Cardiff
Like a modern day Dream Team storyline this.
Dream Team. What a show, terrible and brilliant at the same time.

On a serious note it will probably give Ed a reason not to spend money in January, add it to the covid excuse.
 

Mb194dc

Full Member
Joined
Dec 8, 2015
Messages
4,595
Supports
Chelsea
Surely they know this and can do the same thing to the back up? Or at the very least block the system and prevent you from getting to the back-up?
Exactly, these attacks work by infiltrating then waiting weeks or even longer till they've worked out where the backups are and getting them as well. Need air gapped backups that they can't get to.

The problem with stopping these kinds of attacks is, no matter how good your technology and processes are you still have to deal with users and / or admins making a "mistake" and then everything gets compromised in no time at all. The bigger the organisation and more users and admins the more difficult it becomes. The hackers are quiet often a lot smarter than the people running IT networks.
 

gorky_utd

Full Member
Joined
Feb 5, 2014
Messages
1,925
Location
India
Probably our scouting department is the culprit. Always clicking on the wrong links instead of actually watching new players.
 

wolvored

Full Member
Joined
Jul 6, 2016
Messages
9,871
Bitdefender has ransomware protection. It scans and copies all the files so if overwritten it will restore them. Surely there is something out there the equivalent for servers after all these years
 

Crustanoid

New Member
Joined
Feb 14, 2008
Messages
18,511
It is probably the Glazers trying to syphon more money off the club.


They’re most likely behind the attack
 

tomaldinho1

Full Member
Joined
Nov 26, 2015
Messages
17,372
There goes our 2021 transfer budget
It's fine, by the looks of the data we've already made a signing for Jan, have been paying in hefty instalments (always on matchdays) for some bloke called with the initials V.A.R?
 

laughtersassassin

Full Member
Joined
Jun 12, 2014
Messages
11,330
The fact that this ransom and a fine will come out of our transfer budget is so depressing.

Would much prefer they just leak the info. Maybe it would incriminate Ed or the Glazers if we where lucky
 

Prodigal7

Full Member
Joined
Mar 29, 2015
Messages
2,227
Location
Daenerys' pants
The fact that this ransom and a fine will come out of our transfer budget is so depressing.

Would much prefer they just leak the info. Maybe it would incriminate Ed or the Glazers if we where lucky
More likely it would incriminate one of our players IMO. Think about the kind of shit multi millionaire footballers would get up to day to day. Doubt it would look good.
 

LJJT

Full Member
Joined
Apr 20, 2010
Messages
1,536
Location
North West
This sort of thing is quite common but as usual as it’s united it’s a big story. We may well have to pay the ransom or they may have insurance in place to cover it. Fairly expectant they will have insurance in place to cover the fine/data breach costs if not the ransom. In America it’s pretty common to pay the ransom and move on
 

Red_toad

Full Member
Joined
Oct 23, 2010
Messages
11,587
Location
DownUnder
The solution to ransomware is not just backups, but also block level encryption. That way, if you get hacked, you can restore, and the data is useless to the attackers.
They simply infect and let it sit there for months, then your backups are all infected and they can get back in to your systems easily.
 

Red_toad

Full Member
Joined
Oct 23, 2010
Messages
11,587
Location
DownUnder
It is probably the Glazers trying to syphon more money off the club.


They’re most likely behind the attack
No they’ll be planning a leveraged hostile buy out of the hackers, get the feckers to pay for it. Ed will be lining up potential sponsors as we speak:smirk:
 

WI_Red

Redcafes Most Rested
Joined
May 20, 2018
Messages
12,038
Location
No longer in WI
Supports
Atlanta United
They simply infect and let it sit there for months, then your backups are all infected and they can get back in to your systems easily.
Pretty much this. Most companies I know of keep rolling 6 month back ups. If the hacker is patient enough they can infect the network and wait 6 months and a day before going forward. At the point the company either pays up or loses everything.