Is Obstructing Security Obstructing Justice?
by Dominic Alvieri
June 13th, 2023
What does a mushroom have to do with cybersecurity?
Let's put a name to what has been going on in the corporate world regarding ransomware attack communications. Yes, I said ransomware. The Schneier Blog just put out an excellent short blog on some of the legal tactics behind some of the recent delays for incident responders and security efforts.
How does one grow mushrooms?
If you know how to nurture mushrooms you're wanted in corporate public relation departments around the globe. In most cases to grow mushrooms you to keep them in the dark and feed them a lot of crap. Literally that's all you have to do. Very much like the lawyer-fed communication orders given to PR rooms to disseminate lately.
"to grow mushrooms you keep them in the dark and feed them a lot of crap."
In many cases I don't believe that every company would come forward if samples, flashes or exfiltrated data itself didn't leak out. Many companies wouldn't say a word about it. After being confronted several companies have come forward with vague crafted statements months after the fact. Truth be told sometimes it does take some time to do a complete forensic investigation.
Don't mention or use the word ransomware, say cyber incident. It sounds better. They didn't name names.
The Ostrich Policy
You could just bury your head in the sand and hope it goes away.
Employees of Highland Homes in Texas have reached out in April saying that their bosses kept denying the Alphv BlackCat posts claiming that they breached the company. BlackCat finally dumped alleged company data a few weeks ago in late May.
Accountability
If you are going to make money off of my data you have to protect it better. Stand up a be the good corporate citizen we always hear about.
Stay safe.
Dominic Alvieri
@AlvieriD