![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Я думал, кстати, что эта история с взломанной нефтекачкой уже не станет более безумной. Как бы не так.
Раз:
An outside audit three years ago of the major East Coast pipeline company hit by a cyberattack found “atrocious” information management practices and “a patchwork of poorly connected and secured systems,” its author told The Associated Press.
“We found glaring deficiencies and big problems,” said Robert F. Smallwood, whose consulting firm delivered an 89-page report in January 2018 after a six-month audit. “I mean an eighth-grader could have hacked into that system.”
Два:
The company paid the hefty ransom in difficult-to-trace cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, those people said. A third person familiar with the situation said U.S. government officials are aware that Colonial made the payment.
Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.
Т.е. там всё через жопу, буквально всё. Включая все вовлечённые стороны. Кстати, даю примерно 2/3 шансов, что воспользоваться суммой в $5М, которую уплатили преступникам, им не удастся - либо вовсе зассут её вынимать сразу, а тем временем их повяжут, либо их повяжут уже при выемке. Как и во всех историях с шантажом, самая главная проблема у преступников при получении выкупа. В случае криптовалют - при превращении его в живые деньги.
Раз:
An outside audit three years ago of the major East Coast pipeline company hit by a cyberattack found “atrocious” information management practices and “a patchwork of poorly connected and secured systems,” its author told The Associated Press.
“We found glaring deficiencies and big problems,” said Robert F. Smallwood, whose consulting firm delivered an 89-page report in January 2018 after a six-month audit. “I mean an eighth-grader could have hacked into that system.”
Два:
The company paid the hefty ransom in difficult-to-trace cryptocurrency within hours after the attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline and jet fuel flowing again to major cities along the Eastern Seaboard, those people said. A third person familiar with the situation said U.S. government officials are aware that Colonial made the payment.
Once they received the payment, the hackers provided the operator with a decrypting tool to restore its disabled computer network. The tool was so slow that the company continued using its own backups to help restore the system, one of the people familiar with the company’s efforts said.
Т.е. там всё через жопу, буквально всё. Включая все вовлечённые стороны. Кстати, даю примерно 2/3 шансов, что воспользоваться суммой в $5М, которую уплатили преступникам, им не удастся - либо вовсе зассут её вынимать сразу, а тем временем их повяжут, либо их повяжут уже при выемке. Как и во всех историях с шантажом, самая главная проблема у преступников при получении выкупа. В случае криптовалют - при превращении его в живые деньги.
Tags: