Outdoor Media Association paid $5,000 to cyber hacker to retrieve lost data
The Outdoor Media Association paid $5,000 in the form of bitcoin, to retrieve more than 60 weeks of data, after the company experienced a cyber attack last month.
In a blog on the OMA website, chief executive of the association Charmaine Moldrich, has offered tips to avoid being cyber hacked, after the company was attacked at 10:25pm several weeks ago.
“In my living memory, there were a couple of decades (namely the 1960s and ‘70s) where bank robbers were a dime a dozen. It seemed that armed robbers were on the TV news and front pages of newspapers just about every day,” she wrote.
“But the turn of the 21st century seems to have brought a new age type of robber – the cyber robber – who seems to have taken over the heists in this new digital interconnected world.”
Moldrich explained the company’s last full off-site backup was six-and-a-half weeks old, which “ostensibly” had meant the company lost 65 weeks of work (10 employees x 6.5 weeks).
However, the hacker did not get into bank accountants or the association’s key business function, MOVE.
Charmaine Moldrich: “I was willing to risk losing $5,000 to get back 65 weeks information”
She said the association had previously discussed an off-site back up and a computer upgrade but had stalled actioning it as the association had overspent its capital budget.
“That decision cost us $5,000 in cash and close to $20,000 in productivity losses,” she said.
Although told not to pay the hackers, Moldrich said she couldn’t let go of the fact she had lost 65 weeks of work, arguing it was a matter of “risk analysis”.
“I was conflicted, but I was willing to risk losing $5,000 to get back 65 weeks information,” she wrote.
“What I learnt was that it is less of an issue of hackers reneging on their side of the deal, and more about security agencies/good hackers shutting down payment links to disrupt the hacker’s activities (and therefore also interrupting the two-way flow between the bitcoin ransom being paid and the key to unlock the files being sent).
“While I was resolving this conundrum, we tried to purchase a bitcoin. This isn’t as easy as you may think. Rookie mistake number one: trying to buy bitcoin with a credit card! It can’t be done. But who has a lazy $3,000 hanging around in cash to pay for a bitcoin?
“Notwithstanding this, buying bitcoin via a bank transfer involved far too many levels of information disclosure, and this made me very nervous.”
Moldrich went on to explain a “cyber angel” has bypassed the hackers’ link and allow for direct negotiations through the dark web.
“We were finally able to send the hackers a file to unlock, to prove that they were genuine and had the solution,” she said.
“Once we received the file back, unlocked, our cyber angel purchased the bitcoin, made the transfer, and again, via a secure link on the dark web, directly paid our cyber robbers.
“It all feels like a long distant memory now and we were lucky,” she concluded.
“The week felt a bit surreal and it reminded me of that famous Albert Einstein quote: ‘I don’t know with what weapons World War III will be fought, but World War IV will be fought with sticks and stones’.
“In our case, it was obvious that the loss of the 21st century gains, took us straight back to the 19th century.”
