Tomorrow.

Our thoughts and ideas on what's next.

visit levick.com

Levick Blog

Tomorrow.

close

Connect.

We're on.
And we're available.

DC

1900 M Street NW
Washington, DC 20036
P 202.973.1300

NY

122 East 42nd Street
New York, NY 10168
P 917.612.8419

CHICAGO

70 West Madison Street
Chicago, IL 60602
P 312.214.2300

SF

535 Mission Street
San Francisco, CA 94105
P 415. 433.0100

Kelsey Chapekis

July 27, 2017

Petya: An Effective Money-Making Scheme?

Over the last few years, hackers have worked hard to solidify themselves as trustworthy. The effectiveness of a ransomware attack relies on the victim’s belief that hackers will return ransomed files after receiving payment. Ransomware has continued to work as a money-gaining endeavor for hackers because of their record of making good on their promises.

In their book on different types of hacking schemes, Ransomware: Defending Against Digital Extortion, authors Allan Liska and Timothy Gallo describe best practice regarding paying ransoms. “If human lives are immediately on the line, you may consider payment” they begrudgingly admit, despite citing how they wish they could prescribe vigilance against hackers. Through admitting that payment is an option, Liska and Gallo legitimize payment as a means of solving a cybersecurity incident.

The latest virus, “Petya,” has branded itself as a type of ransomware, and is targeting many European businesses. The only problem is, this time hackers cannot be trusted to return any files. Cybersecurity provider Comae asserted in a recent blog post that the newest iteration of Petya was not created to hold files hostage, but to destroy.

Petya.2017 is not ransomware. According to Comae, ransomware “has the ability to restore its modification.” Unfortunately for the victims of Petya.2017, this means they lose their files regardless of whether they pay or not. The precedent established by previous campaigns has tricked hacking victims into paying – without ever receiving their files back.

The core of Petya’s effectiveness lies in its ability to mislead. Through the misinterpretation of their methods by the masses, they have become far more effective in their efforts.

Ransomware hackers have now lost any “trust” they had built, which sparks the question – will ransomware continue to be an effective money-making scheme?

LEVICK Intern Daniel Leptoukh contributed to this post. 

Comments: 0
Categories: Crisis
Tags:
Posted by: Kelsey Chapekis

No comments