“A lot of people were frustrated that we weren’t sharing enough, and I understand that,” CEO Elliot Luchansky told attendees at an online town hall hosted by technology consultant Joe Woodard on Thursday. “We were withholding information — but that was done strategically for a very good reason. This was a ransomware attack, and there were human beings involved in real-time in carrying out the attack, so we had to assume they were monitoring what we said.”
“We were negotiating a ransom while sharing information publicly — it put us in a really tough bind,” Luchansky continued. “Transparency is something we take very seriously — we would have preferred to handle it totally open book, but that wouldn’t have been in the best interests of our customers. We had to assume that the attackers were listening.”
“Not showing your hand is part of winning that battle,” confirmed Woodard.
In the end, though, the company decided not to pay the ransom the attackers demanded.
“A few factors played into that,” Luchansky said. “The cybercriminal community is constantly sharing things with each other. We had reason to believe if we paid the ransom — a very substantial amount that we were ready to pay in cryptocurrency — it would put a target on our head in the future.”
What’s more, because the company had identified the attack early and taken immediate steps against it, much less of its data was maliciously encrypted by the attackers, so paying them to ..
Support the originator by clicking the read the rest link below.
