• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

Would you have paid the ransomware hackers?

Should they have paid the hacker and avoid all the leaked confidential information?

  • Total voters
    220
AndrewRyan

AndrewRyan

Member
I wonder if hackers would have a better success rate if they released the personal data in a second data dump, thereby putting pressure on the company to protect their employees. It would go something like this:

1. Steal data
2. Demand payment
3. Payment not received: Release non-personal data
4. Demand payment to protect personal-data
 
StreetsofBeige

StreetsofBeige

Gold Member
AndrewRyan said:
I wonder if hackers would have a better success rate if they released the personal data in a second data dump, thereby putting pressure on the company to protect their employees. It would go something like this:

1. Steal data
2. Demand payment
3. Payment not received: Release non-personal data
4. Demand payment to protect personal-data
Click to expand...
It'd be interesting to know how much and what files Sony knew hackers stole. And how detailed hackers were telling Sony they had this kind of data.

If both sides didn't know or communicate what's at stake, Sony could just call their bluff assuming they got nothing. You never know, maybe hackers made an extortion attempt and literally had zero files.

If Sony knew games data, financials and employee data were stolen and still didn't want to pay them 50 Bitcoins (about $20M), that goes to show that Sony would rather let that data loose into the net than pay 50 bitcoins as a first attempt at preventing data leaks.

If this is Sony's strategy. Then any hackers wanting to goof around for laughs or get back at Sony for not paying might as well just hack again and release, since Sony wont care about doing anything about it. Where even employee info isn't worth protecting if hackers get hold of it.
 
Last edited:
Sleepwalker

Sleepwalker

Member
Ar¢tos said:
Hmm
Would Insomniac have the encryption keys and sensitive data necessary to use any hardware/software flaw to jailbreak and increase piracy?
It's not worth as much now with every game requiring an Internet connection, but still, there are a few rare games that release complete and don't require internet.
Some piracy group could be interested in that.
Click to expand...

You can pirate games that don't ship complete anyway, once the homebrew can of worms opens up, ripping the games is the easiest part.

I dont think someone paid for any kins of thing, the PS5 has already been jailbroken, on older firmware granted.
 
X-Wing

X-Wing

Member
StreetsofBeige said:
It'd be interesting to know how much and what files Sony knew hackers stole. And how detailed hackers were telling Sony they had this kind of data.

If both sides didn't know or communicate what's at stake, Sony could just call their bluff assuming they got nothing. You never know, maybe hackers made an extortion attempt and literally had zero files.

If Sony knew games data, financials and employee data were stolen and still didn't want to pay them 50 Bitcoins (about $20M), that goes to show that Sony would rather let that data loose into the net than pay 50 bitcoins as a first attempt at preventing data leaks.

If this is Sony's strategy. Then any hackers wanting to goof around for laughs or get back at Sony for not paying might as well just hack again and release, since Sony wont care about doing anything about it. Where even employee info isn't worth protecting if hackers get hold of it.
Click to expand...

It is irrelevant whether Insomniac knew which data had been stollen or not, once it was stollen they had no longer control over it. Paying the ransom would not restitute control over the data and it would offer zero guarantees that the data would not be further sold or used in any way.

It would also send out the message that any other group should attempt the same because it would pay off and it would make them a desirable target for further attacks.
By refusing to pay they are not giving in to blackmail and sending out the message that regardless of the data stollen they won't be paying so it's pointless to hack them.

They are much better off using that money to pay for credit and identity theft monitoring to their employees and to mitigate the possible negative effects of this attack.
 
ReBurn

ReBurn

Gold Member
No If they already broke in and stole your data would you trust them to not release it if you paid them? It just proves you're open to further exploitation.
 
Dacvak

Dacvak

No one shall be brought before our LORD David Bowie without the true and secret knowledge of the Photoshop. For in that time, so shall He appear.
No, but I’d offer a reward to the person who snitches on the hackers.
 
StreetsofBeige

StreetsofBeige

Gold Member
X-Wing said:
It is irrelevant whether Insomniac knew which data had been stollen or not, once it was stollen they had no longer control over it. Paying the ransom would not restitute control over the data and it would offer zero guarantees that the data would not be further sold or used in any way.

It would also send out the message that any other group should attempt the same because it would pay off and it would make them a desirable target for further attacks.
By refusing to pay they are not giving in to blackmail and sending out the message that regardless of the data stollen they won't be paying so it's pointless to hack them.

They are much better off using that money to pay for credit and identity theft monitoring to their employees and to mitigate the possible negative effects of this attack.
Click to expand...
It's very relevant.

If Sony/Insomniac knew all they stole was useless files, who cares if they unleash it.

If they knew hackers stole (or the hackers even told or showed them what thy stole) roadmaps, financials, Marvel license agreements and employee personal data, but preferred to save $20M, it shows they'd rather save $20M then try to resolve the issue paying a fee as a first time attempt.

Paying money for extra security and credit monitoring should happen no matter what. It all comes to whether they think paying $20M is worth paying to potentially fix the issue. Hey you never know, maybe after getting paid the hackers would release the info anyway for laughs. But at least the attempt is there.

Not doing anything about just tells employees anytime there's a breach of private data, Sony wont do anything except maybe pay for extra firewalls and credit monitoring.
 
Last edited:
X-Wing

X-Wing

Member
StreetsofBeige said:
It's very relevant.

If Sony/Insomniac knew all they stole was useless files, who cares if they unleash it.

If they knew hackers stole (or the hackers even told or showed them what thy stole) roadmaps, financials, Marvel license agreements and employee personal data, but preferred to save $20M, it shows they'd rather save $20M then try to resolve the issue paying a fee as a first time attempt.

Paying money for extra security and credit monitoring should happen no matter what. It all comes to whether they think paying $20M is worth paying to potentially fix the issue. Hey you never know, maybe after getting paid the hackers would release the info anyway for laughs. But at least the attempt is there.

Not doing anything about just tells employees anytime there's a breach of private data, Sony wont do anything except maybe pay for extra firewalls and credit monitoring.
Click to expand...

Pay $20M to finance a criminal group in the hope that they would keep their word would be the dumbest thing to do.
Security experts would have (and most likely did) told Insomniac to not pay it as it would do nothing in guaranteeing the safety of the data.

I've posted some interesting articles on this subject on the previous page, if you have interest in it you should check them.

Also "pay for extra firewalls", really?
 
Jesb

Jesb

Member
Why does all their data have to be connected online? Maybe they should reconsider that business model.
 
Freelance Yakuza

Freelance Yakuza

Member
//DEVIL// said:
I get ransome emails every day from hackers in my junk mail saying they saw me rubbing one off on cam without me knowing and they want 5000$.

Poor bastard been trying for years. Not gonna pay shit heh
Click to expand...

DUDE, I got one of these emails and posted a joke about it on Instagram. A fellow graduate student told me that people in another graduate program at the Biology Institute received the exact same email a while back, and there was even an internal investigation, lol.
 
RoboFu

RoboFu

One of the green rats
No none of that data really matters except for maybe investors. Even then things change so no it isn’t worth legitimizing these low lifes.
 
Last edited:
simpatico

simpatico

Member
Closers pay and move on with their lives. Its the dummies who get the worst of both worlds by getting embarrassed and burning money to repair the fallout.
 
You must log in or register to reply here.

Similar threads

Ransomware group claims to have breached Sony
2 3 4 5
215
18K
ArtHands replied
Epic Games (Allegedly) Hacked in Ransomware Attack
2
60
3K
ssringo replied
Xbox's automated 'moderation' systems need to be scrapped. Microsoft has fired thousands of customer service employees, and replaced them with AI
Opinion News Drama 2
93
6K
StereoVsn replied
I am a professional hacker...
38
2K
kurisu_1974 replied
Phil Spencer on what the hell is happening in the games industry and why exclusives have become a risky business
Business Game Dev 3 4 5 6 7
301
18K
ProtoByte replied
Top Bottom