Ransomware with Terms of Service
Mitch Tanenbaum, Partner & CISO, CyberCecurity
So you thought only companies like Microsoft and Google had terms of service. Apparently that is not the case.
I keep talking about the horror that ransomware 2.0 is with hackers stealing the data before they encrypt it and threatening to publish the data if you don’t pay.
That means backups alone are not sufficient to protect you.
Now one of the first players to use ransomware 2.0 against victims is upping the ante by creating terms of service like a legitimate software provider.
Here are their terms:
- If you do not respond to their attack within 3 days, they will publish that you have been hacked on their web site. They say that if you don’t start communicating within 3 days, you only have yourself to blame.
- They say that negotiating means dialog and finding the “best” solution for both parties. If the “client” is too shy, scared or just can’t negotiate, that is, they say, exclusively the client’s problem.
- They say that if you can’t figure out how much it is going to cost you to recover without them, they will help you. It will cost you over 10 million dollars. Not sure how they came up that number, but there you go.