Kelsey Chapekis | July 27th, 2017
Petya: An Effective Money-Making Scheme?
Over the last few years, hackers have worked hard to solidify themselves as trustworthy. The effectiveness of a ransomware attack relies on the victim™’s belief that hackers will return ransomed files after receiving payment. Ransomware has continued to work as a money-gaining endeavor for hackers because of their record of making good on their promises.
In their book on different types of hacking schemes, Ransomware: Defending Against Digital Extortion, authors Allan Liska and Timothy Gallo describe best practice regarding paying ransoms. “If human lives are immediately on the line, you may consider payment†they begrudgingly admit, despite citing how they wish they could prescribe vigilance against hackers. Through admitting that payment is an option, Liska and Gallo legitimize payment as a means of solving a cybersecurity incident.
The latest virus, “Petya,†has branded itself as a type of ransomware, and is targeting many European businesses. The only problem is, this time hackers cannot be trusted to return any files. Cybersecurity provider Comae asserted in a recent blog post that the newest iteration of Petya was not created to hold files hostage, but to destroy.
Petya.2017 is not ransomware. According to Comae, ransomware “has the ability to restore its modification.†Unfortunately for the victims of Petya.2017, this means they lose their files regardless of whether they pay or not. The precedent established by previous campaigns has tricked hacking victims into paying – without ever receiving their files back.
The core of Petya™’s effectiveness lies in its ability to mislead. Through the misinterpretation of their methods by the masses, they have become far more effective in their efforts.
Ransomware hackers have now lost any “trust†they had built, which sparks the question – will ransomware continue to be an effective money-making scheme?
LEVICK Intern Daniel Leptoukh contributed to this post.Â
Kelsey Chapekis | July 27th, 2017
Petya: An Effective Money-Making Scheme?
Over the last few years, hackers have worked hard to solidify themselves as trustworthy. The effectiveness of a ransomware attack relies on the victim™’s belief that hackers will return ransomed files after receiving payment. Ransomware has continued to work as a money-gaining endeavor for hackers because of their record of making good on their promises.
In their book on different types of hacking schemes, Ransomware: Defending Against Digital Extortion, authors Allan Liska and Timothy Gallo describe best practice regarding paying ransoms. “If human lives are immediately on the line, you may consider payment†they begrudgingly admit, despite citing how they wish they could prescribe vigilance against hackers. Through admitting that payment is an option, Liska and Gallo legitimize payment as a means of solving a cybersecurity incident.
The latest virus, “Petya,†has branded itself as a type of ransomware, and is targeting many European businesses. The only problem is, this time hackers cannot be trusted to return any files. Cybersecurity provider Comae asserted in a recent blog post that the newest iteration of Petya was not created to hold files hostage, but to destroy.
Petya.2017 is not ransomware. According to Comae, ransomware “has the ability to restore its modification.†Unfortunately for the victims of Petya.2017, this means they lose their files regardless of whether they pay or not. The precedent established by previous campaigns has tricked hacking victims into paying – without ever receiving their files back.
The core of Petya™’s effectiveness lies in its ability to mislead. Through the misinterpretation of their methods by the masses, they have become far more effective in their efforts.
Ransomware hackers have now lost any “trust†they had built, which sparks the question – will ransomware continue to be an effective money-making scheme?
LEVICK Intern Daniel Leptoukh contributed to this post.Â
Previous
- Brand
- Howdy, Neighbor
- Ahoy, Matey
- Apology Mania Sweeps the Nation
- Risk Management in a Cancel Culture
- Amazing Grace
- Meet Nancy Pelosi
- Delta Airlines and the Georgia Voting Controversy
- Richard Levick on Volkswagen’s April Fool’s
- The Final Episode of M*A*S*H
- Should Companies Consider Appointing Chief Paranoia Officers to Combat Disinformation?
- Can Capitalism Really Be “For Humanity?”
- The Fifth Estate: A Business Guide for Surviving “The Troubles”
- Communications
- Howdy, Neighbor
- The Importance of Empathy in Today’s Volatile Culture
- It’s Crypto Time
- Ahoy, Matey
- Apology Mania Sweeps the Nation
- Risk Management in a Cancel Culture
- Amazing Grace
- Corporate Leadership in an Age of Unrest
- Ten Rules For Corporations And Social Issues
- Delta Airlines and the Georgia Voting Controversy
- Developing a Crisis Management Program
- “I Never Felt as Unsafe as I Did That Day”
- Company News
- Sorry Works! Announces Partnership with LEVICK
- The Final Episode of M*A*S*H
- Reflections on a Turbulent Year: 2020
- Here We Come
- Recent Awards & Recognition
- Won’t You Be My Neighbor?
- What’s a Director to Do?
- LEVICK Announces Partnership with BCG
- A New Look
- Albert Krieger, 1923-2020
- LEVICK Announces Partnership with Jipyong
- Speaking to In-House Counsel
- Crisis
- Finding Courage
- Stat of the Week: Top 3 Social Risks
- Seeking To Be Understood
- Crisis Communications with Richard Levick
- The New Rules of Risk
- The Tipping Point
- “I Loved That Man”
- Not So Prime Day
- Can Michigan Medicine Save Michigan Football?
- Stat of the Week: Employee Activism
- The Impossible Dream
- Crisis Management for Modern Companies
- Finance
- It’s Crypto Time
- The World of Financial Crimes with Tom Ajamie
- Can Capitalism Really Be “For Humanity?”
- GameStop: The Buck Starts Here
- Here We Come
- The Threat to Free Markets
- Advisory & Insurance Services
- WATCH: Revolutionizing Litigation Finance
- Litigation Finance: Revolutionizing Litigation
- Consumer-Focused Solutions for Financial Health
- Event: Consumer-Focused Solutions for Financial Health
- Sports: Power and Money in a New Age of Social Justice
- Guest Column
- Guest Blog: The Mainstream Media Gets an A for Intellectual Arrogance, an F for Journalism
- Buckle up Directors: Cybersecurity Risk and Bankruptcy Risk Are Not Mutually Exclusive
- Buckle up Directors: Cybersecurity Risk and Bankruptcy Risk Are Not Mutually Exclusive
- South Africa: The Slow Decline of the ANC
- Why CSR Fails and How to Fix It
- What to Expect Following the European Elections?
- Buhari Inaugurated. What Now for Nigeria?
- Marketing- It’s Up To You…
- Crisis Management lessons from the air-crash investigation model
- The Future of War
- Health
- Sorry Works! Announces Partnership with LEVICK
- They Say It Can’t Be Done: Examining the Need for Regulatory Reform
- Reflections on a Turbulent Year: 2020
- Food Issues & the Biden Administration
- Covid-19: The Pandemic that Never Should Have Happened
- Pharma’s Post-Pandemic Policy Outlook
- Keeping Hope Alive
- Real Herd Immunity
- The Fiction of College Sports Amateurism
- Mac Summit: Crisis Communications in a Post-Covid, Post-Election World
- Travel Industry Communications in the Age of Covid-19
- Track of Time
- In Memoriam
- Snider’s Super Foods: Locally World Famous
- Speak Truth With Love, Not Anger
- In Memoriam: Stephen Susman
- Letter to the Movement
- John Lewis’ Life Bridged the Best of America
- Albert Krieger, 1923-2020
- In Memoriam of Marcia Horowitz
- Jim Lehrer Passes Away
- Martin Luther King, Jr.
- Harold Burson Passes Away
- Interviews
- CommPRO: Ruth Bader Ginsberg’s Life & Legacy
- Richard Levick on “My Wakeup Call”
- Primerus Webinar: Into the Wind
- The Future of Baseball Post-Pandemic
- Webinar: The End of Brand Neutrality
- Thought Leadership & Organic Growth
- Man & Superman
- LEVICK Announces New Webinar Series with Turbine Labs
- Navigating Coronavirus Challenges in the Insurance Industry
- VIDEO: How to Anticipate & Avoid a Crisis
- What’s Next? with Julie Chase
- What’s Next?: California Electoral Behavior
- Law Firms
- Beyond Black Swan
- Litigators: Your Friend for Hire
- Digital Upskilling in Legal: More Than Just New Technology
- An Insider’s View of the Legal World
- Fighting for the Rule of Law with Marshall Harris
- Why Should I Apologize? Lawyers vs. Communicators
- You Took a PPP Loan. Now Get Ready to Talk About It.
- Beyond Black Swan: Positioning the law firm for the new normal
- A Salute to Personal Courage and the Rule of Law
- Cyber Risk Institute Expands Its Profile
- When a client becomes a law firm’s PR nightmare
- The General Counsel’s Dilemma
- Litigation
- Beyond Black Swan
- Litigators: Your Friend for Hire
- An Insider’s View of the Legal World
- Buyers’ Guide to In-House Tech
- Fighting for the Rule of Law with Marshall Harris
- Why Should I Apologize? Lawyers vs. Communicators
- A Conversation with Abbe Lowell
- Leveraging Legal Expertise in Communications
- You Took a PPP Loan. Now Get Ready to Talk About It.
- Beyond Black Swan: Positioning the law firm for the new normal
- A Salute to Personal Courage and the Rule of Law
- Cyber Risk Institute Expands Its Profile
- Our Work
- Beyond Black Swan
- Bridging the “Preclinical Gap” in Childhood Cancer Research
- Recent Awards & Recognition
- The Cyber Bad Guys Are Getting Worse
- Crisis Communications & The Age of Cancel Culture
- Standing on the Shoulders of Giants
- Video: Conversations with American Legends
- Staying Ahead of the Crisis
- A New Era of Insurance Marketing
- Infographic: Judgment Free Zone
- Infographic: Barriers to Entry
- Infographic: History Meter
- Public Affairs
- You’re the Media and You’re Going to Die
- The Politics Industry
- The Politics Industry with Katherine Gehl
- Real Washington with Former White House Press Secretary Joe Lockhart
- From Shareholders to Stakeholders with Don Springer
- The Regulatory Hall of Fame
- Richard Levick on U.S.-China Relations
- The Price of Courage
- Can Capitalism Really Be “For Humanity?”
- GameStop: The Buck Starts Here
- Impeach, Indict, Heal? A Discussion of Post-Trump Washington
- “Crooked Dominion Machines,” Impeachments, Insurrections & The First 100 Days
- Risk
- It’s Crypto Time
- Should Companies Consider Appointing Chief Paranoia Officers to Combat Disinformation?
- The Price of Courage
- Ingredients of Decency
- ESG Performance and Credit Markets
- The Coronavirus Saga is Just Beginning
- No. 1 Risk of the Decade
- The Risk Evolution of Corporate Risk
- Extend Risk Management Reach
- Collective Action
- Risk Identifying Software
- The New Risk of Doing Nothing
- Social
- Diamonds & Rust
- They Say It Can’t Be Done: Examining the Need for Regulatory Reform
- The Power of Love
- A Call for Elected Officials to Protect Voting Access
- How America Scores Changes Youths Through Soccer and Poetry
- Look
- Should Companies Consider Appointing Chief Paranoia Officers to Combat Disinformation?
- The Price of Courage
- Bridging the “Preclinical Gap” in Childhood Cancer Research
- The Ministry of Common Sense
- How to Stop the Madness
- A Remembrance of Tommy Raskin
- Technology
- They Say It Can’t Be Done: Examining the Need for Regulatory Reform
- Digital Upskilling in Legal: More Than Just New Technology
- Should Companies Consider Appointing Chief Paranoia Officers to Combat Disinformation?
- Bridging the “Preclinical Gap” in Childhood Cancer Research
- 3 Tech Lessons Businesses Must Learn From COVID-19
- Constella Intelligence Announces Hunter for Improved Investigation Capability
- Cyber Risk Institute Expands Its Profile
- Digital Politics: The Future of Voting Technology
- Ethics in Electronics
- The Cyber Bad Guys Are Getting Worse
- A First Look at the Google Antitrust Suit
- The Pause
- This Week
- A Remembrance of Tommy Raskin
- A New Year’s Resolution
- Over the River and Through The Woods
- Dropping the Mic
- Won’t You Be My Neighbor?
- The Cyber Bad Guys Are Getting Worse
- What We Hear
- Track of Time
- Video: Conversations with American Legends
- Conversations with American Legends
- A New Era of Insurance Marketing
- American Legend