The BBC informs us(via another route) that there is a new business in town, this business works on the old premise of the bully and the backstabbing method called Ransomware. Now, this method was not unknown, we have seen it before, yet the article (at https://www.bbc.co.uk/news/technology-57946117) called ‘Ransomware key to unlock customer data from REvil attack’ gives us “US IT firm Kaseya – which was the first to be targeted earlier this month – said it got the key from a “trusted third party”.” Yes, this might sound true, but I still have an issue here. And the quote “Kaseya’s decryptor key will allow customers to retrieve missing files, without paying the ransom. The company’s spokeswoman Dana Liedholm declined to answer whether Kaseya had paid for access to the key”, I get it, Kaseya accepts that there is a cost to doing business, without the key they are helpless, but in this instance they have also given voice to the new business. This is not on Kaseya, ransomware is a much larger stage and the law is not ready to deal with it. So when we get “But members of the group disappeared from the internet in the days following the incident, leaving companies with no way of retrieving the data until now”, I think that it was not merely fear. I think that they found a weakness in their armour and they needed to fix it, perhaps the FBI and NSA got too close? It is speculation, but I reckon that any hacker inviting the wrath of the NSA has something to fear, only the stupid do not fear that hunting machine. So when we get to the jewel of the article, a setting that describes a few elements by Joe Tidy (Cyber reporter), we see “Firstly, giving away the key now is far too late for most of the victims of this massive ransomware attack. Secondly, the mystery gifter was most probably linked to – or working with – the criminals directly.” I feel that he is on the right track, I get that Kaseya prefers the term ‘trusted source’, but that does not put Kaseya in the clear, moreover, as I reported the massive bungles that were made and the lack of oversight within Kaseya gives them a reason to cooperate with organised crime, but not a right, a right to do that is a form of treason towards ALL their customers and as Joe said it “giving away the key now is far too late for most of the victims of this massive ransomware attack”, if you doubt that call Coop (at +46107400000) and ask them the damage of 500 supermarkets shutting down, as well as a loss of data. And then Joe gives us the gem at the heart of this “I’m told by a hacker who claims to be a part of the inner circle that it was “a trusted partner” who gave the key away on behalf of the group’s leader, who calls himself Unknown. My contact says it’s all part of “a new beginning”.” I understand that this is hard to swallow and optionally it is a form of bragging, but I am not convinced that this is the case, as Joe gives us “it could well be the start of something else”, yes that has the ring that sounds true. It is the start of a new business venture and Kaseya is merely the pilot. In this we have two sets of minds, the first is that the shortsighted greed drive of Kaseya (as I discussed it in ‘Dream number three’, at https://lawlordtobe.com/2021/07/06/dream-number-three/) needs to have consequences. The dominant sales types with their ‘we’ll fix it down the road’ can no longer be allowed in this industry. The second part is that we have no choice but to return to a stage of targeted killing, and I do not care whether one of the hackers is a poor little 16 year old person hiding behind ‘minor protection laws’, they guilty they get the $0.17 solution (price of a 9 mm bullet). We have no choice, the law did nothing for too long, giving hackers pass after pass as they ‘claimed’ that it was the only way. Well, so far it did nothing for a lot of people spanning a timeline that is a little over a quarter of a century, it is like an armistice race with too many casualties and the law merely shrugging at the damage that was not theirs. With Kaseya a large corner is turned and Kaseya partially has itself to thank for that. And in all this is has become time to recognise that Kaseya is not merely a victim (no matter what Dana Liedholm tells us), it did this to themselves as the source in the other article “were helping Kaseya plug the hole long before the hackers found it”, as such the ‘we’ll fix it down the road’ no longer holds water, especially as we take tally of the victims that are victims because of the shortsightedness of Kaseya. And they are not alone, there is every indication that the Microsoft exchange group and Solarwinds are part of that same stack. I have personally seen how the needs of proper testing took a back seat to Marketing and the board room drive of greed in more than one instance and that too needs to be addressed, yet I feel that the media will paint over that part with articles in emotional ways, their stake holders will not allow that to be any other way, adhering to their bonus whilst relying on marketing and sales to set out a new path based on ‘we’ll fix it down the road’, should Joe Tidy be correct (and I believe he is), we will soon see a new wave of REvil attacks and the law will be on the sidelines, as will governments all pointing at one another, all whilst keeping their ‘friends’ out of the line of fire.
It is merely my look on things, and I expect to be proven correct before the end of 2021.