In retrospect, it is probably safe to assume that drink had been taken. Lots of it. And there had to be at least two men involved (women are far too bright to participate in this kind of thing). We can also assume that each idiot reassured the other that this really was a swell idea—because one guy, no matter how drunk, could not possibly talk himself into doing something that was simultaneously so bizarre, so disrespectful, and so dim.
The year was 1987. Criminal masterminds broke into the tomb of Argentine president Juan Peron, severed his hands and stole them. They weren’t surgically delicate about it either. They used a chainsaw which, by the way, makes a lot of noise and is about as stealthy as an angry cape buffalo.
Nonetheless, they made their escape and promptly issued a ransom note to members of Peron’s political party demanding $8 million for the return of el presidente’s hands. The party reasoned that Peron had no further use for his hands, and that at $800,000 per digit, the ransom was disproportionately pricey, and refused to pay.
Had they consumed a few more drinks, the thieves might have settled on severing the more-ransomable head, but as it was, all they got for their trouble were two grisly mementos.
Such are the vicissitudes of the ransom business.
Ransom is almost as old as greed. No less a protected personage than Julius Caesar was once captured by pirates and held until the Empire coughed up 50 talents to free him. Initially, the pirates demanded a paltry 20 talents, which insulted the great Caesar. Full of his own importance, as only a 25-year-old world conqueror could be, Caesar insisted he could pay no less than 50. (Not a model that ransomware victims are urged to follow.)
The largest ransom ever paid—valued in today’s market at over $2 billion—was extorted from the Incas by the homicidal Francisco Pizarro, who demanded a roomful of gold in return for their leader. He received the gold, but killed the hostage. (A cautionary tale for ransomware victims who choose to pay.) It should be noted that Pizarro received a measure of karmic justice when the son of a rival, also killed by Pizarro, later assassinated him—for free, it turns out. (A cautionary tale for purveyors of ransomware.)
The Middle Ages were a boom time for the ransom industry because it provided the rich and powerful a way to avoid becoming victims of the carnage they unleashed. Heraldic crests worn on armor were developed in part to identify the guys with the assets who would be worth more alive than dead. Thus, they could lose the battle but avoid the consequences. In that regard, not much has changed.
Your company, it turns out, also has a heraldic identifier; it just goes by a less pretentious name: logo. Four small colored squares signify the realm of “King Gates.” A modest “f” in a rounded box identifies the holdings of “Emperor Zuckerberg.” The Golden Arches have become the universal symbol for the best in poor nutrition. And then, of course, there is the fashionista Swoosh, which signifies the latest evolution in overpriced athletic sportswear. If your company has a logo, it’s a walking advertisement for data ransom.
It’s ironic that ransom events come as such a galloping surprise. You shouldn’t be amazed that your home gets burgled if you insist on leaving all your doors and windows open. Warnings have persisted since the definition of “virus” and “worm” abruptly expanded in the 80s. Yet since that time, we’ve managed to sleep through numerous wake-up calls, while cyber attacks have gone from being merely annoying to becoming national security threats.
No one, it seems, is immune. Over the years such tech-savvy companies as Amazon, Yahoo!, Dell, and Google have been hacked. The world’s largest oil exporter, Saudi Aramco—which one would think is nothing if not security conscious—lost data from no fewer than 30,000 corporate computers. Financial institutions are lucrative targets, although not as frequently hit as the Education and Health Care sectors. Governments are no less exempt. Iran’s nuclear program was famously compromised. (If nuclear weapons are a form of blackmail, this could be described as a rare instance where a ransomee hacked the ransomer.) Even the Pentagon’s computers have been breached.
So successful has data ransoming become that individual targeting has morphed into global extortion. U.S. authorities estimate that more than 300,000 computers in some 150 countries were infected by the aptly named WannaCry attack. And many with unprotected systems no doubt did. And while software providers do their best to supply timely patches, IT managers have unaccountably been slow to install them. (Yet another prophetic warning.)
It may be comforting to believe that agencies such as the data gathering, code cracking, super sleuthing NSA will warn us about software exposures. But it appears the cyber-spooks are more interested in stockpiling vulnerabilities for their own invasive uses, rather than alerting users to possible exploitation by others.
And ransom is just one of the ways data can be corrupted. Hardware failures, software glitches, disgruntled employees, procedural lapses, state-sponsored malice; the digital landscape is prone to accident and predation.
Normal backups do not support restoration of data just prior to the point of encryption or deletion. Depending on the timing, a day’s transactions may be lost. For complete data security, the key element is having a recovery utility that not only mirrors live production systems in real time, but also supports point-in-time retrieval of data. The ability to scroll back and restore the last occurrence of uncorrupted data will make any IT manager less likely to grab a chainsaw and want to cut the hands off the hacker who just posted a demand for bitcoin on his screen.
So, keep breathing, and start scrolling. Full recovery is just minutes away.
This article is written by Victor Rozek, who is an award-winning columnist and writes for IT Jungle The Four Hundred.