this post was submitted on 18 Jun 2024
62 points (100.0% liked)
Data Breaches
1041 readers
72 users here now
Information about data breaches, data leaks, ransomware attacks, and other related stories.
Companion communities
- [email protected] - centered on the cybersecurity and information security profession.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I'm not claiming to speak from experience or expertise. But let's be honest, these incidents pay your salary, so you're not exactly unbiased either. In fact, one could even make the argument that you have an incentive for these attacks to never fully stop (I'm not saying that).
I understand that they may be forced to pay by government or insurance, and that it may be the cheapest option. But straight up: if no one paid these ransoms and had better mitigation strategies, they wouldn't continue to do them.
These incidents require remediation. I am here to stop and thwart these things. I am not here just because I set out to profit on bad behavior.
I can't tell you how many times I want to throttle my clients for poor practices or bad choices. That being said, I am doing this because it's necessary to improve overall practices across the industry.
And you're right, if nobody paid the ransom, it would stop... maybe. But on the same note, if nobody was a greedy asshole, there wouldn't be attacks. If nobody had bad practices, there wouldn't be vectors... If, if, if.
The fact is, all of this is a thing and I do this for a living not because I set out to, but because my skillset and experiences in this industry have caused me to be very good at extracting users from these scenarios.