After a breach affecting thousands of institutions, Canvas's decision to reach an agreement with attackers highlights how ransom negotiations risk turning cybercrime into a predictable business model.
There’s no honor among the dishonorable, as a Brazilian analyst would say:
I wouldn’t doubt the thieves are still holding to copies of the data they stole, just waiting either for another opportunity to blackmail those affected again, to use the data for other nefarious means as a shell group, or to sell it to another ill-intended group without leaving traces.
From stealing and putting a price on people’s private data and possibly their safety, and to the possibility of dishonoring a “sales” contract, the morality bar was already pretty low on the two concrete cases, so the third would be easy to do on this standpoint.
Ransomware gangs are actually normally pretty good about this. If they leak afterwards they lose all credibility to get another company to pay in the future.
There’s no honor among the dishonorable, as a Brazilian analyst would say:
I wouldn’t doubt the thieves are still holding to copies of the data they stole, just waiting either for another opportunity to blackmail those affected again, to use the data for other nefarious means as a shell group, or to sell it to another ill-intended group without leaving traces.
From stealing and putting a price on people’s private data and possibly their safety, and to the possibility of dishonoring a “sales” contract, the morality bar was already pretty low on the two concrete cases, so the third would be easy to do on this standpoint.
Ransomware gangs are actually normally pretty good about this. If they leak afterwards they lose all credibility to get another company to pay in the future.