The Law Offices of Mary N. Chaney, P.L.L.C.
The Cyber Security Law Firm of Texas

Mary's Blog

The Breach Whisperer

About Mary....

Mary N. Chaney, Esq., CISSP® is a former Special Agent for the FBI, where she investigated cybercrime; a seasoned corporate executive who built and operated information security teams; and now a cybersecurity attorney.

As a self-described “Breach Whisperer,” our firm can train your company to properly prepare for your eventual breach!

The overall goal of our firm is to use our wealth of knowledge and expertise to support, translate for and advise Boards of Directors, CIOs, CISOs and General Counsels on how to legally protect their companies from cyber-related risk.

Blog Entries


 

When Ransomware Becomes A Targeted Attack

When you lose $40 million to a ransom attack, that hurts; when you find out it's a new variant that appears to be high touch, you should start to think about your competitors. Norsk Hydro, a Norwegian aluminum maker, was hit with a LockerGoga ransomware attack on March 18th, and they still have not fully recovered.

When I say the LockerGoga ransomware appears high touch, I mean that, according to researchers, the actors manually copy and encrypt files from computer to computer. How inefficient, especially if all I want is for you to pay the ransom. Another curious thing to note is that the attackers do not send Bitcoin information, instead giving the company an email address for communication.

Putting on my former law enforcement hat and thinking like a criminal, it appears to me that the objective may be to disrupt operations more than to get paid by the company. For instance, if I am a competitor to Norsk Hydro, and we were both bidding on a contract, I could attack their company, disrupt their ability to deliver and win the bid. If I tarnish their reputation, even for a couple of weeks, that may give me the edge I need to win business. This is, of course, all speculation, but when you take the simple thought that there is a person behind each strand of code being produced, and that person (or group of people) has a purpose and objective, and you see that there is a uniqueness about the way the code is being used (who actually goes computer by computer to infect a machine?), it follows that the threat actor may only want you to be hindered and doesn’t really care about the money.