The word ‘ransomware’ has been put on a par with a number of unpleasant phenomena, such as geopolitical tensions, extortion, and government-backed hacks.
Additionally, the operators will have to find a new way to ‘wash’ the cryptocurrency they earn from ransoms. Intel 471 has observed that BitMix, a popular cryptocurrency mixing service used by Avaddon, DarkSide and REvil, has allegedly ceased operations.
Yet the NSA didn’t get in any trouble when they caused 6+ deaths and billions of dollars in damages when they refused to notify Microsoft about EternalBlue, then got hacked and their exploit leaked, and caused untold amounts of damage across the world.
Though I use Linux and BSD, I’m not specifically advocating for any flavour of those above, but I am advocating for using OSes which are provably more secure – yet, they always aim for convenience over security, and if they aren’t ransomed for their system’s functionality, they’re breached with the customers’ or clients’ data stolen.
Commercial routers for the SMB market aren’t much better; for example, SonicWall just released patches for three zero-day vulnerabilities to its hosted and on-premises email security products.
I prefer to authenticate this story, but such that it is, I must say I am disappointed.
As if the day-to-day of a security practitioner isn’t stressful enough, I can only imagine the pressure cooker the Colonial Pipeline teams have been experiencing, and they deserve our support.