Recently, Drake International, which is a Canadian-based company that deals with job placement, experienced deliberate information extortion attacks from a hacking group. The group main agenda was to extort payment from the firm so as not to discharge personal information of individuals who previously utilized the firm’s services. The firm, which has offices in nine countries, has been confronted with extortion threats as more firms continue strengthening their securities to avert such security attacks.
Deliberate information extortion has grown over time and more firms have been faced with security breaches in which hackers extort payments. According to the article, information extortion has build up into a big problem, which many businesses experience but will not solve solely. Therefore, information extortion ought to be adequately addressed in order to determine the risks and mitigation. Otherwise, these firms will be confronted with the risk of damage mainly to the firms’ reputations and exposure to considerable business losses.
The article asserts that some groups for instance Anonymous allege moral or social objectives in which they seek to unearth corruption and exposed unaccountable governments. However, some of these hackers undertake in such activities in order to obtain money.
According to this article, the hackers got in touch with Drake International and delivered public threats to the firm on Wednesday through Twitter. The hackers had connected to a website through the social network in which they set down a $50,000 ransom in order to withhold the stolen private data. The hackers maintained that they possessed information on users from different countries for instance the U.K, New Zealand and Canada.
Nevertheless, Tony Scala from Drake International verified that the hackers had access to names, phone numbers, passwords and names of individuals who had acquired services from the firm. The firm would get in touch with the affected users through emails requesting them to alter the affected passwords. The firm confirmed to be working with the police and demonstrate no interest negotiating with the alleged group of hackers. Meanwhile, Chester who serves as the senior security advisor at Sophos Canada commended Drake after their failure to provide the $50,000 ransom, as well as informing the public on the threats to their private data. The practice is considered an unacceptable practice as most firms negotiate with hackers instead of taking steps similar to those from Drake International. The financers to such groups cannot admit to such actions as they understand the unethical implications of such cases.
According to Scala, the security breach is considered minor or limited, and the breach emanated from vulnerabilities in the old system. The old system contained several loopholes in which the hackers gained access to the old client files thus launching the extortion scheme. According to Wisniewski, the subsistence of the old databases that had been constructed under outmoded security procedures, which comprised of unencrypted passwords, may have been the security issue. These outdated security procedures have become the target of most unskilled hackers due to the simplicity of security and the risks areas of these systems. The article cited the case of Sony PlayStations and Qriocity users in which approximately 77 million users information was acquired by hackers. The attackers were considered to be the Anonymous group. However, majority of the acquired user information for that case mostly regarding credit cards was considered to be unworthy as the card numbers were already expired. The case on deliberate information extortion experienced by Sony is similar to that of Drake International with similar vulnerabilities. Similarly, Sony’s hacking attack was associated with an outmoded security systems installed prior to the introduction of the new system that possesses complex security provisions. The article also suggests other firms and networks that previously received security breaches that related to the faulty security systems, which allowed hackers to acquire user information.
The article demonstrates the seriousness of security breaches and the posed security risks and damages in which even technologically developed organizations have also been targeted by hackers. However, the firms are more concerned with the information held by hackers and the steps that companies ought to take in order to access the lost private data.
Consequently, firms are pushing the government to accept their proposal to subsidize IT protections in order for businesses to safeguard valuable private data since the matter is relevant to national security. Most companies have been spending minimally on cyber security considering the huge costs associated with the implementation of the most efficient security protections. In the meantime, the article asserts that the federal government ought to consider more insistent measures that require firms to strengthen their securities. The group presented on twitter as Rex Mundi claimed responsibility on hacking incidents in different companies for instance Dexia and AmeriCash Advance.
Hackers have continually tried to hack different company databases with most successes in companies with old and weak systems. The vulnerabilities arise in the architecture of these systems and the security procedures involved in the construction of the database architectures. The attacks are undertaken by an organized group of hackers with certain motives with some seeking to extort money while others seek to expose unethical practices or deals in companies and governments. However, according to the various cases presented, most of the database that hackers access are old although some of the private data may still be legitimate and can be utilized to conduct malicious activities on the unsuspecting users. Therefore, obtaining the stolen private information is paramount for the affected firms.