Buried in the footnotes of the criminal complaint:<p>> CHS1 [Confidential Human Source] is cooperating with the FBI because of patriotism to the United States and a perceived obligation to Victim Company A. CHS1 has not asked for and has not been offered any form of payment, including consideration regarding immigration or citizenship.<p>Does that mean this person is a foreign national? Would it be risky for this person to return home (perhaps to Russia?) after assisting the US government in this way?
I love reading stories about good people who step up and do what’s right. It seems most of today’s media is slanted to highlight those people who make the immoral, self-serving choice. Thank you, Tesla employee. Thank you for doing the right thing.
muy interensante.<p>we <i>often</i> theorize about / present a threat model of an insider becoming malicious in exactly this way. rare that we hear of it actually occurring.<p>the number used in such threat modeling scenarios is typically $1MM. maybe we need to up that to $4.5MM. (per TFA)<p>note the simplification in the headline: the $1MM was merely the insider’s share, not the proposed ransomware amount.
Sign of a new trend? Most ransomware teams use traditional tactics: phishing to establish beach head, pivot to hunt down admin creds, game over. Some teams make opportunistic use of perimeter vulnerabilities (ie pulse VPN).<p>Most companies struggle with basic security controls like patching. Very few would survive insider threats with admin creds.
I really wish sites would stop using scribd to host primary documents, which requires an account to be able to download them. Use something like DocumentCloud instead - which is both leaner, and does not require account to download files.