Ransomware Costs Toshiba 400,000TB of SSD Storage Production

[Me1z]

7 minutes ago, Drak3 said:

1: It specifies that the internal network was attacked, but not the source of the attack. It's possible, and VERY probable, that it wasn't initiated over the internet. It's also highly likely that the network of systems attacked operate on a virtual network with no direct internet access that would allow this outcome.

 

2: It very likely is, on media that prioritizes data integrity over read/write speeds. It's also likely that their system is not set up to reset the systems that quickly.

 

3: Without knowing more about the circumstances on how this happened, it's safe to assume that Toshiba has a security system in place that would stop most incidents. But as with every security system, there are holes.

 

In repsonse to 1: I suppose this implies the ransomware was introduced to the network via flashdrive or some other infected portable storage device? It's a more understandable scenario, but still shocking that it was able to progress to vital production systems

[NoRomanBatmansAllowed]

43 minutes ago, Siedge said:

I am very curious what the money lost here is for them. I imagine it's very very high.

Well I mean the price is going to go up, so they'll be receiving more money/chip.

[captain_to_fire]

53 minutes ago, Clockwork_princess said:

why do people have to be like that

Because creating malware is apparently very lucrative. 

[ARikozuM]

Just now, hey_yo_ said:

Because creating malware is apparently very lucrative. 

Makes you question your career choice... 

[Clockwork_princess]

1 hour ago, hey_yo_ said:

Because creating malware is apparently very lucrative. 

yeah I guess some people care about money. but then when they have all the money waht do they have to look forward to?

 

spending it all to just make more? 

[mr moose]

27 minutes ago, Me1z said:

What kind of idiots are running the show at Toshiba? For a company so heavily invested in the storage market, this is downright embarassing. They literally MANUFACTURE storage devices, they could have had a company wide backup system at minimal cost...

 

Can you name me an IT company that hasn't been hacked/compromised/lost data? 

 

Kapersky: http://www.bbc.com/news/technology-33083050

Symantiec: https://www.computerworld.com/article/2501418/cybercrime-hacking/symantec-backtracks--admits-own-network-hacked.html

MS: https://www.engadget.com/2017/10/17/microsoft-bug-database-hacked-in-2013/

Apple: https://www.lifehacker.com.au/2017/08/apples-secure-enclave-chip-has-been-hacked/

Android: https://thehackernews.com/2017/05/android-hacking-technique.html

 

Just to list a few, We know there are more, but you get the point.  They are not "Idiots", just fallible people like the rest of the world.

 

 

[Zodiark1593]

44 minutes ago, Ryan_Vickers said:

Ignoring any other possible issues with this, I think the issue you'll have is finding them in the first place.  If they could do that you can bet they would be prosecuted under existing laws.

---

And this is why I always say don't pay.  Every time someone does, it gives them more money and shows that there's a viable "business" doing this, so more people start doing it.  Mad about prices going up?  Don't hate the attackers, hate the people who literally paid them to do it - everyone who has fallen victim before and rather than fighting back decided to just lay down and go along with it.  How long has ransomware been "a thing"?  A year at least, right?  Maybe even two?  It could have been stopped before it even got going but no, instead it's growing at an alarming rate, and you know why?  Because it works.  And it works because people are willing to pay.  Don't be one of them.

Unfortunately, many are those that have little option but to pay the ransom (and hope) due to lack of backups or similar foresight. Some chance of data recovery >>> 0 chance of data recovery, after all.

[vanished]

3 minutes ago, Zodiark1593 said:

Unfortunately, many are those that have little option but to pay the ransom (and hope) due to lack of backups or similar foresight. Some chance of data recovery >>> 0 chance of data recovery, after all.

Little option?  There's always a choice.  You can fund criminal activities, or you can not fund criminal activities.

[captain_to_fire]

41 minutes ago, Clockwork_princess said:

get it, when you have no real skills in life you have to go and be malousisos to take money from other people who have skills and worked hard,

Sometimes cybercrime like ransomware is about retaliation.

 

Just imagine ten of ban hammered members of the forum wants to have their revenge so they joined forces to craft a very sophisticated malware (advanced persistent threat) and harvest the personal information of forum mods (e.g. @TheRandomness or @Ryan_Vickers or @Godlygamer23,etc)  like emails and passwords and dump it in Github, then afterwards execute a ransomware which will permanently encrypt Linus’ petabyte server or wipe out their workstations used by LMG’s editors and later demand ransom payments of 200 bitcoins/approximately $1,100,000. 

 

14 minutes ago, ARikozuM said:

Makes you question your career choice... 

I think many companies are hiring hackers especially formerly black hat and gray hat hackers for penetration testing and some of them are paid at least $100,000 and above. Some home based hackers apply to bug bounty programs of tech companies and the pay is very appealing. Which is why Jailbreaking an iPhone is becoming less and less popular because former jailbreakers just submit bugs and CVEs to Apple. Even antivirus makers have bug bounty programs.

Edited October 20, 2017 by hey_yo_

[Clockwork_princess]

1 hour ago, hey_yo_ said:

Sometimes cybercrime like ransomware is about retaliation.

 

Just imagine ten of ban hammered members of the forum wants to have their revenge so they joined forces to craft a very sophisticated malware (advanced persistent threat) and harvest the personal information of forum mods like emails and passwords and dump it in Github, then afterwards execute a ransomware which will permanently encrypt Linus’ petabyte server or wipe out their workstations used by LMG’s editors and later demand ransom payments of 200 bitcoins/approximately $1,100,000. 

 

I think many companies are hiring hackers especially formerly black hat and gray hat hackers for penetration testing and some of them are paid at least $100,000 and above. Some home based hackers apply to bug bounty programs of tech companies and the pay is very appealing. Which is why Jailbreaking an iPhone is becoming less and less popular because former jailbreakers just submit bugs and CVEs to Apple. Even antivirus makers have bug bounty programs.

wanna get banned and team up  /s 

[captain_to_fire]

2 minutes ago, Clockwork_princess said:

wanna get banned and team up  /s 

Probably Linus and his petabyte server has some sort of enterprise grade protection and I hope he does. But having extremely pissed banned forum members hacking LMG is not far fetched. 

[mr moose]

4 minutes ago, Clockwork_princess said:

wanna get banned and team up  /s 

I'll drive the getaway car,  It's about all I'd be good for.   

 

 

 

Except getting tea and biscuits, I can do that really well.

[vanished]

1 minute ago, hey_yo_ said:

Probably Linus and his petabyte server has some sort of enterprise grade protection and I hope he does. But having extremely pissed banned forum members hacking LMG is not far fetched. 

He does, and it is

[Clockwork_princess]

1 hour ago, hey_yo_ said:

Probably Linus and his petabyte server has some sort of enterprise grade protection and I hope he does. But having extremely pissed banned forum members hacking LMG is not far fetched. 

i guess we can always say well just go in at night and smash it with a hammer, ( i know they have security system lol)

 

but yes, a tech forum where people on here can have the ability to hack and if they get banned and know they can get away with it i see it as a very real possibility, especially in the sense of doxing  forum staff members   

[Zodiark1593]

1 minute ago, Ryan_Vickers said:

Little option?  There's always a choice.  You can fund criminal activities, or you can not fund criminal activities.

As ever, my best advice to address this is to keep backups, though said advice is of no help whatsoever to one facing a ransomware in the first place. 

 

Obviously, most businesses would much prefer to avoid paying to criminals, but in the unfortunate event that valuable data is held in ransom with no functional backup present, the impact of losing that data is also added into consideration. In the case that data loss may be catastrophic for a business, having a shot (however small) of getting it back may outweigh the downsides of paying out to criminals.

 

Among factors in determining whether or not to pay a ransom, the criminal aspect is merely one factor among several (or many) others.

[vanished]

1 minute ago, Zodiark1593 said:

As ever, my best advice to address this is to keep backups, though said advice is of no help whatsoever to one facing a ransomware in the first place. 

 

Obviously, most businesses would much prefer to avoid paying to criminals, but in the unfortunate event that valuable data is held in ransom with no functional backup present, the impact of losing that data is also added into consideration. In the case that data loss may be catastrophic for a business, having a shot (however small) of getting it back may outweigh the downsides of paying out to criminals.

 

Among factors in determining whether or not to pay a ransom, the criminal aspect is merely one factor among several (or many) others.

I wonder if they consider the long term recurring threat that they bolster by paying in these situation assessments where it's decided whether to pay or not.

[captain_to_fire]

Just now, Ryan_Vickers said:

I wonder if they consider the long term recurring threat that they bolster by paying in these situation assessments where it's decided whether to pay or not.

How many computers are infected is one of the factors they’ll consider. If 500 of their workstations or all of their file servers got encrypted and the crooks demand 2 bitcoin payments for each individual computer, that’ll be a tough decision. 

[vanished]

Just now, hey_yo_ said:

How many computers are infected is one of the factors they’ll consider. If 500 of their workstations or all of their file servers got encrypted and the crooks demand 2 bitcoin payments for each individual computer, that’ll be a tough decision. 

I'd imagine that most of the time, if there's actually any discussion at all beyond "Can we recover?  No?  Then pay" it's nothing more sophisticated than "what's the cost of paying vs writing off the loss, etc. <insert other business/economics options unrelated to technology>

[Zodiark1593]

1 minute ago, Ryan_Vickers said:

I wonder if they consider the long term recurring threat that they bolster by paying in these situation assessments where it's decided whether to pay or not.

Publicity would probably be a bigger factor, though if the loss of data represents a particularly big loss for a business, neither factor would take precedence. 

 

I believe a hospital in Britain had been hit with ransomware at one point. Had it been patient data that was encrypted, I would suspect this would quite vastly outweigh the prospect of funding criminals.

 

 

1 minute ago, Ryan_Vickers said:

I'd imagine that most of the time, if there's actually any discussion at all beyond "Can we recover?  No?  Then pay" it's nothing more sophisticated than "what's the cost of paying vs writing off the loss, etc. <insert other business/economics options unrelated to technology>

Tbh, this is probably what it comes down to. If the loss is small enough, a business would probably write it off, both for the minimal risk and return value, and for publicity.

[captain_to_fire]

1 minute ago, Ryan_Vickers said:

I'd imagine that most of the time, if there's actually any discussion at all beyond "Can we recover?  No?  Then pay" it's nothing more sophisticated than "what's the cost of paying vs writing off the loss, etc. <insert other business/economics options unrelated to technology>

If the crooks are just asking $500/0.09 BTC and the company had a great fiscal year, they’ll probably say “of fuck it let’s just pay” for those 500 infected workstations. ???

[Me1z]

38 minutes ago, mr moose said:

 

Can you name me an IT company that hasn't been hacked/compromised/lost data? 

 

Kapersky: http://www.bbc.com/news/technology-33083050

Symantiec: https://www.computerworld.com/article/2501418/cybercrime-hacking/symantec-backtracks--admits-own-network-hacked.html

MS: https://www.engadget.com/2017/10/17/microsoft-bug-database-hacked-in-2013/

Apple: https://www.lifehacker.com.au/2017/08/apples-secure-enclave-chip-has-been-hacked/

Android: https://thehackernews.com/2017/05/android-hacking-technique.html

 

Just to list a few, We know there are more, but you get the point.  They are not "Idiots", just fallible people like the rest of the world.

 

 

I'm well aware that we live in an age where hacking is an inevitability and no security is ever 100%, and I wouldn't blame them if they simply experienced a data breach, but of the examples you presented NONE of them were ransomware attacks. Falling victim to ransomware is for the elderly running XP based systems, not manufacturing giants. This could have easily been prevented.

[vanished]

2 minutes ago, hey_yo_ said:

--

3 minutes ago, Zodiark1593 said:

--

 

Ultimately my point is we're here today lamenting the impending increase in NAND cost once again because people have funded this epidemic into existence.  Is it the hackers' fault?  Yes, but not exclusively... not even close.

[captain_to_fire]

Just now, Ryan_Vickers said:

 

Ultimately my point is we're here today lamenting the impending increase in NAND cost once again because people have funded this epidemic into existence.  Is it the hackers' fault?  Yes, but not exclusively... not even close.

You can partly blame Apple for the shortage of NAND flash. https://9to5mac.com/2017/06/21/iphone-8-ram-flash-storage-chips/

[vanished]

Just now, hey_yo_ said:

You can partly blame Apple for the shortage of NAND flash. https://9to5mac.com/2017/06/21/iphone-8-ram-flash-storage-chips/

I've been known to give Apple a hard time but I don't think even I can find a reasonable way to rope them into this

It's between toshiba, the attackers, and everyone who has previously paid to get data back.

[SlipperyPete]

1 hour ago, thorhammerz said:

brace yourselves, the winter of inflated SSD prices are coming.

we are already in the winter of inflated SSD prices, it just got its second wind though