I'm still hopeful that Garmin is prosecuted for paying the random. The us is actually sanctioning evil Corp. <a href="https://slate.com/technology/2020/07/garmin-cyberattack-ransomware-payment.html" rel="nofollow">https://slate.com/technology/2020/07/garmin-cyberattack-rans...</a><p>I even have a Garmin device affected by this. I still want ransomware stopped.
Since GARMIN is a publicly traded company, couldn’t an investor demand to know if the money was paid, and if they don’t get an answer, they could go to the SEC? Could they sue?
I’m curious if the average company even bothers planning/testing their ability to recover from a ransom ware attack wo paying.<p>Like do they even bother planning for that or are they unaware of the risk or did they decide it’s more cost effective to purely rely on prevention and plan to pay any ransom.<p>I feel like there should be a regulation, where if they pay the ransom then they get a penalty of 2-5x the ransom charged.
To me the fascinating part is that with the ransom payment they received the decrypt key as well as the security system patches needed to protect the system. However I would be very nervous that the hacker didn’t leave something behind but perhaps they would rather a good reputation and not risk losing payment for the next attack.
Is Evil Corp their actual name, or just what the US law enforcement called them? <a href="https://home.treasury.gov/news/press-releases/sm845" rel="nofollow">https://home.treasury.gov/news/press-releases/sm845</a>