Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Paying Hacker Extortion

CmdrTaco posted more than 3 years ago | from the bad-place-to-be dept.

Crime 412

An anonymous reader writes "A friend works as CIO at a medium sized publicly traded company. The company was contacted by a hacking group and told to pay $100,000 to prevent their company from being hacked/attacked. They actually paid the extortion (told authorities after). The authorities said the company could be charged with supporting Terrorists. Seeing that most publicly known hacks are costing companies this size nearly a million dollars, Is this supporting terrorists or supporting stockholders?"

cancel ×

412 comments

everyone loses (2)

alphatel (1450715) | more than 3 years ago | (#36519256)

Is this supporting terrorists or supporting stockholders?

1) Neither, it could be a 12 year old with hotmail sending threatening emails.
2) Both, it is another corporate goon protecting his stock options.
3) None, they were paid out in Botcoins.

Re:everyone loses (0)

Anonymous Coward | more than 3 years ago | (#36519318)

What are Botcoins? Something new, again?

Re:everyone loses (1)

benjfowler (239527) | more than 3 years ago | (#36519346)

Whoosh.

Re:everyone loses (0)

Wrath0fb0b (302444) | more than 3 years ago | (#36519342)

1) Neither, it could be a 12 year old with hotmail sending threatening emails.

If he's threatening to commit crimes in exchange for money, that alone makes his some species of criminal or terrorist.

Re:everyone loses (5, Informative)

bipbop (1144919) | more than 3 years ago | (#36519382)

Criminal, yes. The crimes in question have absolutely nothing to do with terrorism, though.

Re:everyone loses (1, Interesting)

Wrath0fb0b (302444) | more than 3 years ago | (#36519676)

Criminal, yes. The crimes in question have absolutely nothing to do with terrorism, though.

Doesn't that depend on other facts that we don't have?

Re:everyone loses (2)

Riceballsan (816702) | more than 3 years ago | (#36519706)

It is the very definition of terrorism. Per the Webster dictionary "the systematic use of terror especially as a means of coercion". Now admitted this definition can also refer to everything from 9/11, to the school bully saying "give me your lunch money or I punch your face in".

Re:everyone loses (2)

digitig (1056110) | more than 3 years ago | (#36519810)

And the response to a threat of hacking is to be terrified? Or is it merely to be concerned?

Re:everyone loses (2, Insightful)

Anonymous Coward | more than 3 years ago | (#36519888)

the united states invading iraq and afghanistan would also be considered terrorism in some circles

Re:everyone loses (0)

MichaelKristopeit408 (2018816) | more than 3 years ago | (#36519880)

any act that brings terror upon a victim is terrorism.

you're an idiot.

Re:everyone loses (1)

retchdog (1319261) | more than 3 years ago | (#36519496)

yes. also, he's an extortionist or a rapist-murderer.

Re:everyone loses (4, Interesting)

AliasMarlowe (1042386) | more than 3 years ago | (#36519400)

For $100k they could have got an internal security person for a year, or possibly a decent external consultant. Either way, hacking in would be made a bit harder in the future (but not impossible). As it is, they've set themselves up as a future victim for the next round of extortion.

Re:everyone loses (5, Funny)

cgenman (325138) | more than 3 years ago | (#36519528)

Or, more likely, they paid the 100,000 with the hopes that the hacker would be caught, then paid IBM 1 million dollars to secure their network.

IBM then pays an external contractor 200,000 to do it. They pay the hacker $100,000 to do it. Hacker walks away with 200k and a springboard to legitimate work.

Re:everyone loses (3, Funny)

AliasMarlowe (1042386) | more than 3 years ago | (#36519608)

Depressingly, your reading of the affair is possibly correct.

Re:everyone loses (1)

rwa2 (4391) | more than 3 years ago | (#36519624)

That sounds a bit like how a friend of mine has to donate an equal amount to the EFF for every game he buys from Blizzard.

Re:everyone loses (0)

Anonymous Coward | more than 3 years ago | (#36519882)

That sounds a bit like how a friend of mine has to donate an equal amount to the EFF for every game he buys from Blizzard.

Eh...your friend is far more ethical than most people who are against DRM on principle, but buy games from Blizzard anyway (and don't do anything else). At least he's doing something to offset his contribution to evil.

Re:everyone loses (1)

Hylandr (813770) | more than 3 years ago | (#36519900)

Bah,

We see this in Eve online all the time.

- Dan.

How about Both (1)

Anonymous Coward | more than 3 years ago | (#36519268)

That's not an exclusive OR. You can do both.

And now (3, Insightful)

The MAZZTer (911996) | more than 3 years ago | (#36519272)

They'll just be hacked anyway.

Re:And now (4, Insightful)

odin84gk (1162545) | more than 3 years ago | (#36519336)

They will get asked for money on a yearly basis.

Re:And now (1)

rwa2 (4391) | more than 3 years ago | (#36519514)

I'm curious to see what that looks like in their bookkeeping accounts.

Whenever Verizon overcharges me, I put it under "Expenses | Prostitution", since whining at their customer support feels like phone sex. Probably could be just as illegal as supporting terrorists!

To this day, Verizon is the only company that I still pay bills to using paper checks... I refuse to enroll into any auto billing scheme that lets them dip into my accounts of their own free will.

Re:And now (1)

TheSeventh (824276) | more than 3 years ago | (#36519648)

My bank (Chase) talked me into using their "Pay Bills" feature, which is actually pretty good. Other companies aren't dipping into my account, and this is just as fast as paying through the companies websites, which is how I used to pay all my bills.

Re:And now (3, Insightful)

jmorris42 (1458) | more than 3 years ago | (#36519578)

> They will get asked for money on a yearly basis.

Which is why you never pay Danegeld. It never gets rid of the Dane.

Trillions for defense, not a penny in tribute is the only long term strategy for dealing with aggression. And these threats are aggression and weakness in the face of aggression always invites fresh demands. We should be tracking down these 'hacking' groups with the same vigor we go after other organized crime and terrorism. If that means dropping a Hellfire missile down on a few houses in countries where the local authorities won't take this stuff serious I'm not going to lose sleep over it. Can we bomb the spammer/phishers too while we are at it?

Re:And now (1)

techno-vampire (666512) | more than 3 years ago | (#36519726)

Which is why you never pay Danegeld. It never gets rid of the Dane.

My thought exactly. Not only that, there's nothing to stop this "hacker" from raising his demands until he bankrupts the company. Or, if he's clever and the company's stock is openly traded, invest the money they pay him in their stock until he owns it.

Re:And now (3, Insightful)

MaxBooger (1877454) | more than 3 years ago | (#36519748)

Oh... I didn't realize this was an article on norton/mccafee antivirus.

Re:And now (1)

Anonymous Coward | more than 3 years ago | (#36519458)

1.) How did they know it was a real group group capable of real damage? It's not like they hand out a resume and references.
2.) And if it was a competent group, they will keep coming back to extort more.
3.) And if not, they will still come back for more.
4.) And if it was an inside job, who is to know?

Sounds fishy to me. $100000 gets me a lot of emergency help to permanently counter an explicit threat of unknown capability.

Re:And now (1)

iamhassi (659463) | more than 3 years ago | (#36519848)

With $100,000 I'd be too busy spending it to bother hacking anything.

Short answer (2, Insightful)

Volante3192 (953645) | more than 3 years ago | (#36519280)

Is this supporting terrorists or supporting stockholders?

One in the same...

One AND the same... (0, Offtopic)

Anonymous Coward | more than 3 years ago | (#36519542)

The expression is "one AND the same."

"One in the same" is phonetically similar but semantically stupid and outright incorrect.

I know this comment is off topic and I am a grammar Nazi and so on. Be that as it may, using language stupidly like this does NOT evolve it. People like you dumb our language down and make it worse for everyone.

On second thought, please continue to be thoughtless and use expressions incorrectly like this. Do so on your resume and cover letter, so I won't ever make the mistake of hiring someone as cognitively sloppy as you.

Re:One AND the same... (0)

Anonymous Coward | more than 3 years ago | (#36519708)

bravo, sir.

Re:One AND the same... (4, Funny)

Catnaps (2044938) | more than 3 years ago | (#36519720)

Quite frankly, I could care less. After all, it's not rocket surgery.

Re:One AND the same... (1)

Verdatum (1257828) | more than 3 years ago | (#36519864)

Agreed. For all intensive purposes, its the same thing. I get this alot. Trolling is a art.

Re:One AND the same... (1)

Catnaps (2044938) | more than 3 years ago | (#36519932)

I wonder if he's raging right now.

Re:Short answer (2)

ffejie (779512) | more than 3 years ago | (#36519896)

Are you saying that the terrorists are invested in the company they are trying to hack? Unlikely.

Or, are you making the lazy assumption that shareholders are bad people and labeling them terrorists? I got news for you: do you have a 401K or a pension? You're likely a shareholder of something. That probably doesn't make you a bad person, and certainly not a terrorist.

How exactly did they pay them? (2)

pudding7 (584715) | more than 3 years ago | (#36519306)

PayPal? Besides airdropping suitcases full of cash into the ocean, how do corporations pay ransom these days?

Re:How exactly did they pay them? (3, Funny)

fuzzyfuzzyfungus (1223518) | more than 3 years ago | (#36519340)

Western Union, obviously. The head of Fisrt National Trust Reserve Bank of Nigera, LLC, kindly offered to handle the whole matter in strictest confidence for them.

Re:How exactly did they pay them? (3, Insightful)

Anonymous Coward | more than 3 years ago | (#36519388)

The same way that people have been transferring money illegally for decades: wire transfers to Caribbean banks with strict privacy laws and lax banking regulations.

Re:How exactly did they pay them? (2)

rwa2 (4391) | more than 3 years ago | (#36519434)

Some way that trackable, I suppose? Wired transfer with fractional pennies as a watermark?

Re:How exactly did they pay them? (5, Insightful)

melikamp (631205) | more than 3 years ago | (#36519622)

This is utter BS. I bet it was the execs themselves who stole the money, probably long before they were "contacted by hackers". If it looks and smells like The Big Lebowski...

Both (0)

Anonymous Coward | more than 3 years ago | (#36519310)

Both

Here's a thought (4, Insightful)

Dunbal (464142) | more than 3 years ago | (#36519316)

How about hiring someone who actually has some idea about security. THAT is supporting stockholders.

Re:Here's a thought (2)

Wrath0fb0b (302444) | more than 3 years ago | (#36519530)

How about hiring someone who actually has some idea about security. THAT is supporting stockholders.

Short term, he might have a crapload of work to do to implement best practices, clear out infected machines, train users on password complexity all while being attacked and losing business due to unavailability. Shareholders would not appreciate that, nor would any sensible security consultant promise they can dig you out of an attack as it is occurring.

It might be best to pay them for short term protection and using that breathing space to harden up so the next time they ask, you are prepared.

Re:Here's a thought (4, Insightful)

interkin3tic (1469267) | more than 3 years ago | (#36519558)

It does seem like $100k spent on security would have longer benefits than one payoff. For that matter, maybe a $100k insurance policy would be a better investment.

They did! (2)

Weezul (52464) | more than 3 years ago | (#36519614)

They bought something for that $100k, namely the hacker document his hack. I'm sure she even did a contentious job for a coked up Belorussian teenager who's english does not extend beyond text speak.

Yeah, sure $100k sounds steep for simply documenting a handful of security bugs, but they were the bugs that might've bitten you for $1M. And surely you saved way more by building your site using cheap ass Visual Basic developers, right?

Anyways, anyone who views hacking as terrorism is a moron, especially the authorities who threatened the company.

Can't it support both? (4, Funny)

Rivalz (1431453) | more than 3 years ago | (#36519356)

It seem's like it is making everyone happy these days.
News agencies are creaming their panties.
Companies get to sweep shit under the rug while their competitors crash and burn. (I bet you Microsoft was heart broken to hear the PSN got hacked.)
Hackers make some money and who knows might eventually get laid.
The Government gets to restrict our freedom's and buy bigger shiny new toys and has even more reasons to keep printing money until it costs more to print it than its worth.

I get the pleasure of changing my password every twenty minutes to something like LKJGDSKLeiojgtqpltjwe4jt]90iejaasdfHippofucknuggets

Everyone WINS!

Re:Can't it support both? (1, Offtopic)

imgumbydamnit (730663) | more than 3 years ago | (#36519690)

LKJGDSKLeiojgtqpltjwe4jt]90iejaasdfHippofucknuggets? I've got the same combination on my luggage!

Re:Can't it support both? (0)

Anonymous Coward | more than 3 years ago | (#36519788)

Hippofucknuggets is the best password ever.

That's amazing. (1)

Toze (1668155) | more than 3 years ago | (#36519746)

I've got the same combination on my luggage.

Re:Can't it support both? (0)

Anonymous Coward | more than 3 years ago | (#36519936)

Our teachers, however, cry at your incorrect use of conjunctions. :)

Supporting Criminals (3, Insightful)

Jaime2 (824950) | more than 3 years ago | (#36519366)

Paying ransom is almost always a bad idea for the community as a whole. The authorities are simply trying to make the company do the right thing instead of the selfish thing. The biggest problem with security is that the incentives are rarely aligned with the responsibilities; this is a classic case of re-aligning those by pushing the societal cost back to the people who are in a position to make the decision.

Re:Supporting Criminals (2, Insightful)

Anonymous Coward | more than 3 years ago | (#36519560)

The authorities are simply trying to make the company do the right thing instead of the selfish thing.

And threatening them with a crime is always a good way to encourage them to talk to the cops next time, because I'm sure the cops would have put that right at the top of their todo list before the money had traded hands.

Right...

Re:Supporting Criminals (1)

Anonymous Coward | more than 3 years ago | (#36519576)

; this is a classic case of re-aligning those by pushing the societal cost back to the people who are in a position to make the decision.

In a completely unrelated matter: 99% of all companies affected by hacks and intrusions don't report them. I wonder why?

Paying Dane-geld (0)

Anonymous Coward | more than 3 years ago | (#36519370)

And that is called asking for Dane-geld,
    And the people who ask it explain
That you've only to pay 'em the Dane-geld
    And then you'll get rid of the Dane!

-- Rudyard Kipling, from "http://www.poetryloverspage.com/poets/kipling/dane_geld.html"

Re:Paying Dane-geld (1)

wolfsdaughter (1081205) | more than 3 years ago | (#36519444)

Just a few seconds too late...

Solution: Fire middle management. (2, Insightful)

copponex (13876) | more than 3 years ago | (#36519374)

With the savings your friend could hire some real security experts to keep their systems online.

As for the terrorism bit, it makes me wonder when we can sue members of Reagan Administration for arming the proto-Taliban, Saddam Hussein, and Iran. Clinton and Obama owe us a few bucks for Pakistan too, when they inevitably start arming terrorist in the near future. What's good for the goose is good for the gander, right?

Re:Solution: Fire middle management. (0)

Anonymous Coward | more than 3 years ago | (#36519460)

What's good for the goose is good for the gander, right?

Well, no, not always. There are differences between the two... your dad did explain the birds and the bees, right? :)

Re:Solution: Fire middle management. (1)

copponex (13876) | more than 3 years ago | (#36519566)

Doesn't gander mean a group of geese?

Re:Solution: Fire middle management. (2)

Abstrackt (609015) | more than 3 years ago | (#36519674)

A gander is a male goose. A group of geese is called a gaggle if they're on the ground, a skein if they're in the air, or the group can be referred to as a flock regardless of context.

Re:Solution: Fire middle management. (1)

JimFive (1064958) | more than 3 years ago | (#36519680)

Doesn't gander mean a group of geese?

No, a gander is a male goose.
--
JimFive

Re:Solution: Fire middle management. (1)

artor3 (1344997) | more than 3 years ago | (#36519730)

Nah, a gander is a male goose. A group of geese is a gaggle.

Re:Solution: Fire middle management. (1)

geminidomino (614729) | more than 3 years ago | (#36519732)

Nope. Male goose (of which the female is also, for some reason, called "goose.")

Re:Solution: Fire middle management. (1)

Wyatt Earp (1029) | more than 3 years ago | (#36519734)

A gander is a male goose.

Goose applies to the female in particular while gander applies to the male in particular. Young birds before fledging are called goslings. A group of geese on the ground is called a gaggle; when geese fly in formation, they are called a wedge or a skein.

Re:Solution: Fire middle management. (1)

PoopCat (2218334) | more than 3 years ago | (#36519858)

No, and you should sue whoever provided you with such a poor education.

Re:Solution: Fire middle management. (1)

Wyatt Earp (1029) | more than 3 years ago | (#36519696)

Can we also sue Great Britain, Saudi Arabia, Pakistan, the People's Republic of China, and France for arming the "proto-Taliban"?

And France, South Africa, Great Britain, People's Republic of China and the former members of the Soviet Union for arming Iraq under Saddam? You look at the TO&E for Iraq before Desert Storm and after it, there isn't much that was made in the USA there.

As for Iran, gotta go after the French, the Kennedy, Johnson, Nixon, Ford, Carter and Reagan administrations for that, oh and the Israelis too.

Suckers (0)

Anonymous Coward | more than 3 years ago | (#36519396)

Someone sent them an email? And they think now it will stop? What's more likely is the extortionist will brag to his friends about it and spark a gold rush of extortion emails to this pathetic company. If I were a shareholder I would demand the resignation of the idiot who agreed to this, followed by an investigation into whether he knew the extortionist.

Neither (3, Insightful)

Rary (566291) | more than 3 years ago | (#36519398)

Is this supporting terrorists or supporting stockholders?

"Supporting terrorists" is a stupid description, and the idiot who said that needs a kick in the teeth. However, also stupid was paying these jackasses. Take every precaution you can, get the authorities involved as a backup, maybe even alert your shareholders to the threat, but do not pay extortionist script kiddies.

Re:Neither (2)

The MAZZTer (911996) | more than 3 years ago | (#36519442)

If they had had the authorities involved from the beginning they might have been able to arrange for the money to be traced.

Better idea (0)

Anonymous Coward | more than 3 years ago | (#36519410)

Tell them you will pay them $200,000 if they are willing to pick it up in person.

In an unrelated question... (3, Funny)

Anonymous Coward | more than 3 years ago | (#36519420)

What's the name of your friend's company?

Dubious? (4, Interesting)

rueger (210566) | more than 3 years ago | (#36519422)

Am I alone in finding this story incredibly sketchy? Either the company, the poster, and the police are stunning idiots, or it's just bullshit created to inflame a bunch of slashdotters.

If some kind of attribution can't be found, I call BS.

Re:Dubious? (1)

Batmunk2000 (1878016) | more than 3 years ago | (#36519588)

I agree. If a pending charge is actually in the works then the name of the company & CIO should be cited. This story is bogus.

Re:Dubious? (1)

Kittenman (971447) | more than 3 years ago | (#36519660)

"Anonymous reader" and "a friend". I think you're right. Mark you, someone I was talking to at the bar last night said his cousin's best mate's sister's uncle had the same thing happen to him.

Re:Dubious? (1)

amicusNYCL (1538833) | more than 3 years ago | (#36519662)

They actually paid the extortion (told authorities after). The authorities said the company could be charged with supporting Terrorists.

So "the authorities" can prove that the criminals are in fact terrorists, and that the money made it to them, right? But they can't catch them, is that also right?

Yeah, it sounds a little fishy.

Re:Dubious? (0)

Anonymous Coward | more than 3 years ago | (#36519682)

1. Story was submitted anonymously (yeah, I know, but I just don't care enough about /. to sign up).
2. Story happened to a friend (now, for those of us reading this, this becomes a friend of a friend)
3. Story involves fairly impressive claims
4. Story uses hot-button words ("hacked", "extortion", "terrorists") to improve visibility.

Yep, my Snopes radar is going off like crazy for this one.

Danegeld by Rudyard Kipling (5, Informative)

wolfsdaughter (1081205) | more than 3 years ago | (#36519424)

Dane-geld
(A.D. 980-1016)

IT IS always a temptation to an armed and agile nation,
        To call upon a neighbour and to say:—
“We invaded you last night—we are quite prepared to fight,
        Unless you pay us cash to go away.”

And that is called asking for Dane-geld,
        And the people who ask it explain
That you’ve only to pay ’em the Dane-geld
        And then you’ll get rid of the Dane!

It is always a temptation to a rich and lazy nation,
        To puff and look important and to say:—
“Though we know we should defeat you, we have not the time to meet you.
        We will therefore pay you cash to go away.”

And that is called paying the Dane-geld;
        But we’ve proved it again and again,
That if once you have paid him the Dane-geld
        You never get rid of the Dane.

It is wrong to put temptation in the path of any nation,
        For fear they should succumb and go astray,
So when you are requested to pay up or be molested,
        You will find it better policy to says:—

“We never pay any one Dane-geld,
        No matter how trifling the cost,
For the end of that game is oppression and shame,
        And the nation that plays it is lost!”

Re:Danegeld by Rudyard Kipling (1)

CrimsonAvenger (580665) | more than 3 years ago | (#36519618)

Good answer! Was planning to post this myself, but you beat me to it....

They PAID???? (0)

Anonymous Coward | more than 3 years ago | (#36519436)

That's as bad as all those people who sent money to Nigeria. Now they'll be making similar demands of every company in America.

Re:They PAID???? (1)

Timmmm (636430) | more than 3 years ago | (#36519766)

Yes I'm kind of amazed that they paid. How on earth would you expense that?

YOu stupid SOB! (0)

Anonymous Coward | more than 3 years ago | (#36519438)

You should have told mgt that you'd deliver the cash. Then you take the cash out of the bag, put in some phone books, and deliver that to the extortionists.

When they call up and say "You ripped us off!!" You just say to your boss "They're trying to fuck us again!!" I mean, who are they gonna believe?

What's the hackers going to do to you? Hack your Facebook account and put up gay porn? Say mean and nasty things about you?

Simple solution (1)

Anonymous Coward | more than 3 years ago | (#36519450)

1. Find a way to drop the money off in person, or track where it goes.
2. Kill them
3. ??????????
4. profit!!!

Re:Simple solution (0)

Anonymous Coward | more than 3 years ago | (#36519770)

3. ?????????? = keep the money for yourself

There's obviously no question about how to profit

yah, right. (0)

Anonymous Coward | more than 3 years ago | (#36519492)

My friends sisters uncles niece's boyfriend said... I call bullocks.

Supporting terrorists or stockholders? Both. (1)

mpoulton (689851) | more than 3 years ago | (#36519504)

Plenty of good business decisions are illegal. For example, many international trading companies would be more profitable if they expanded into the lucrative cocaine transportation markets. That doesn't mean they can legally do so just because it increases dividends! If the hacking group in question here is a designated Foreign Terrorist Organization (yes, there is a list), then giving them money is a federal crime - regardless of the reason for the payment or how much business sense it makes.

My pet rock wards off hacker attacks (0)

whoever57 (658626) | more than 3 years ago | (#36519510)

I have a pet rock by my desk that I was told (when I bought it) it would ward off attacks by hackers. It's been a great purchase, since we haven't been hacked. It cost a lot less than $100k! What a bargain!

But seriously, how many groups of hackers/crackers are out there? How do you know that paying off the group will not actually encourage attacks (since, by paying, you express doubt in your own security)?

My opinion (0)

Anonymous Coward | more than 3 years ago | (#36519520)

They shouldn't have paid anything, hired a very experienced security expert on a 3 month contract, save money and increase security.

Well if the extortion was done by a ... (0)

Anonymous Coward | more than 3 years ago | (#36519534)

...government employee or even better an official, then yes it probably is supporting terrorist.

Sound Like a Money Laundering Scheme? (5, Interesting)

InitZero (14837) | more than 3 years ago | (#36519564)

So you say a mid-sized company paid a $100,000 extortion? That money with 'poof', right? Untraceable, right? Call me the suspicious sort but are we sure this is extortion and not embezzlement?

Cheers,
Matt

False dichotomy (-1, Troll)

guspasho (941623) | more than 3 years ago | (#36519592)

Supporting stockholders IS supporting terrorists!

Seriously though, those authorities are morons. If they are calling this sort of behavior terrorism then there one could just as well say capitalism is terrorism.

Re:False dichotomy (2, Insightful)

Hatta (162192) | more than 3 years ago | (#36519688)

That's the whole point of "terrorism". You can label anything terrorism, and all of a sudden none of the old rules apply.

Wait what? (0)

Anonymous Coward | more than 3 years ago | (#36519642)

So an anonymous read writes that their friend is CIO at a blah blah blah and you all grant this claim credence?

Re:Wait what? (0)

Anonymous Coward | more than 3 years ago | (#36519756)

Surely you are aware of the "my friend" code for talking about oneself?! And since his boss knows who he is, of course he's anonymous.

The police are probably right (1)

jonbryce (703250) | more than 3 years ago | (#36519694)

I think you will find it is illegal to pay extortion money to criminal groups in most parts of the world. Your friend's employer will also now be on a sucker's list of people they will try to get increasingly larger amounts of money out of, so no, this is not supporting the stockholders.

idea... (1)

swan5566 (1771176) | more than 3 years ago | (#36519722)

If the gov't required all public companies to disclose all such threats and ban them from giving out money or extortionists (or else get in big trouble), then there would be a bigger financial incentive for companies to not pay extortionists than to pay them, and it will eventually cut out this black market from the start. Eventually, the extortionists would realize they have no leverage with the target companies and just stop - hacking them to send a message to other companies wouldn't accomplish anything. And since they're a public company, they wouldn't have as much of a vested interest in trying to duck the gov't and pay off the criminals. I'd bet that this improves the overall safety of companies. Thoughts?

Not the only hackers. (1)

ngc5194 (847747) | more than 3 years ago | (#36519742)

They do know this group isn't the only group of hackers out there? This payment only "applies" to the one group, right? There's nothing preventing any other hacker from attacking that network, and assuming the "protected from " hacking group actually knows about a vulnerability at the "protectee" site, there's nothing preventing them from selling that information to other hackers. When a business pays "protection" money to a group of gangsters, at the very least they have some expectation that this particular gang will protect its territory and some other group won't come along and extort money from them as well. There's no expectation of this on the Internet. You're going to be asked to pay this periodically. If you really want to be left alone, you'd have to pay off several groups. For this money, you can buy some expertise and protect yourself.

Serious Answer: Yes (1)

MDillenbeck (1739920) | more than 3 years ago | (#36519778)

If I recall, anyone who brings any form of material compensation (goods or supplies) to an organization that is a terrorist organization or supports a terrorist organization is in turn guilty of supporting a terrorist organization. What the US Government is trying to do is make it illegal to directly or indirectly support any organization they deem 'terrorist', with the original intent of cutting down the 'money pushers' - the people who procure funding under false pretense and transfer it to entities hostile to the US Government. Since many criminal organizations will have ties with organizations that either directly or indirectly support 'terrorist organizations', the US Government is probably fairly confident that they could draw a line of connection and thus find the company guilty. After all, $100k is a significant amount of money. [As to the post stating that this is BS post, it may be - but it does not change the thought-exercise component of this exercise... think about it: if the Red Cross provides humanitarian aid to members of a terrorist organization and you have donated to Red Cross, then you are guilty also. Welcome to the new USA - a little less liberty for a little more security.]

Don't Pay Ransoms (1)

medv4380 (1604309) | more than 3 years ago | (#36519806)

If you pay a ransom it only encourages you to be hit again and again. At least if you bring in the authorities first then pay the ransom they money can be tracked though all the banks if they say it's a good idea, but they'll probably say the same thing that it's a bad idea. Chikita banana has been in similar hot water with paying the local warlords their protection money.

Extortion is not terrorism (1)

schwit1 (797399) | more than 3 years ago | (#36519836)

Otherwise a bank teller that gives money to a robber that's pointing a gun at them is supporting terrorism.

"is this supporting terrorists or stockholders?" (1)

kel-tor (146691) | more than 3 years ago | (#36519884)

"is this supporting terrorists or stockholders?"

Both.

Smoking pot supports terrorists too (1)

Uloi (1996356) | more than 3 years ago | (#36519920)

That's the new line if you do anything that the DOJ doesn't want you to do. OMG wear your seatbelt or the terrorists win!

Re:Smoking pot supports terrorists too (1)

Uloi (1996356) | more than 3 years ago | (#36519930)

Not that I'm saying paying off hackers is ok :)
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...