Interview zu drohender Ransomware-Veröffentlichung der Daten von NZZ
Mittwoch, 26. April 2023
Seit mehreren Wochen muss sich das Medienunternehmen NZZ (Neue Zürcher Zeitung) mit einer Ransomware-Attacke auseinandersetzen. Es zeichnet sich ab, dass einer Zahlung nicht nachgekommen werden will. Die verantwortliche Ransomware-Gruppe Play droht auf den kommenden Freitag mit einer Veröffentlichung der gestohlenen Daten. Marc Ruef hat sich mit dem Journalisten Anouch Seydtaghia zum Fall unterhalten, der die Einschätzung für die Zeitung Le Temps aufgearbeitet hat.
So far, what do we know about that data stolen?
Initial claims expected a small amount of data stolen. But further investigation might indicate that internal information and confidential personal data could be included as well.
The countdown was until yesterday, then today, then this Friday: does it mean that there is a negotiation between the company and the hackers?
Ransomware gangs are pursuing a business approach: They want to get money. Disclosing stolen data does not earn them any money. It just generates publicity which might frighten new victims and therefore improve future transactions. But such publicity is also bad as authorities might increase their investigation activities as well. Therefore, it looks like the attackers still try to convince the victim to pay the ransom. This will lead to some form of negotiation of course which is an emerging advantage for the victim.
What could be the amount of the ransom?
In earlier days ransomware demanded static prices, like WannaCry did with USD 300 per infection. But modern ransomware campaigns are much more complex. And also maintained by the attackers which decide on a victim-basis how much money the ransom is worth. It would not be a surprise if in this case a six-figure demand is given.
Do you think that this media was a special target or just another company targeted by hackers looking for money?
Ransomware attacks are successful especially in environments where sensitive data is used and this data is mandatory for business. Media outlets are not special in this regard, like financial institutes or medical facilities.
Links
- https://www.letemps.ch/economie/cyber/incertitude-totale-autour-cyberattaque-subie-nzz
- https://www.nzz.ch/informatio-eigener-sache-cyberangriff-auf-das-unternehmen-nzz-ld.1732110
Tags
Sie suchen Interviewpartner?
Unsere Spezialisten kontaktieren Sie gern!