Charities, non-profit organizations and related organizations Security experts are confused and legal experts are wary that they should be safe against a new development in the world of cybercrime – extortion ransomware Victims of charity.
First the BBC report, The tactic adopted by a relatively new ransomware group called DarkSite, is one of the growing numbers Sophisticated and professional Cybercrime groups that take a commercial approach to the ransomware game.
Darkshide, In its appearance in early 2020, Went so far as to create a genuine press release revealing how carefully it analyzes the funds of its targets before an attack, and makes it a point to never attack medical institutions, nonprofits or government agencies.
Now the group has decided to “return something” and in a blog post on October 13 said it was “fair” that some of the money confiscated should go to charity. It paid 0.88 bitcoin, or $ 10,000, to two US-based charities. Children International Missouri and Water project In New Hampshire Giving Black, A company set up specifically to manage cryptocurrency donations to charities. The DarkSite group also issued tax receipts for donations.
According to an initial report, Children International has stated that it has no intention of keeping the money, while The Giving Black has already begun an investigation into where the funds came from and how to repay them.
But what are the uprisings for companies that can find themselves at the end of receiving such donations? This is not a tricky question for Judy Creek, a partner in law firm Fieldfisher. “In short, the answer is: don’t do it,” he told Computer Weekly.
Under the law, accepting ransomware payments in any form, technically speaking, is fraud.
Money confiscated through ransomware attacks becomes the proceeds of the crime, also known as criminal property. Therefore, under Section 329 of the UK, Greg said Income of the Criminal Code 2002, Primary UK Anti-Money Laundering Act An offense is committed by an organization or individual who buys, uses or holds criminal property.
Jawad Malik, a security awareness lawyer, says the law is clear about profiting from cybercrime KnowBe4, Says that such philanthropic acts would still have given the recipients a moral embarrassment, however easily overcome.
“It should not be seen in the past that money was obtained illegally through criminal activities and that no charitable contributions can destroy it,” Malik said.
“Whenever a company extorts money through ransomware or other means, that money affects real people. Many have lost their jobs over the years, and have been Companies that do not, And there has also been some talk recently about the role to be played in ransomware Unfortunate death One patient is taken to another hospital.
“Criminals need to understand that there is a real impact on their actions, and that giving a sum to charity cannot compensate for that.”
Communicate with people
Kelvin Murray, senior threat researcher Webrot of carbonate, Said donors are trying to whitewash their image in line with the growing trend among ransomware operators.
“We saw this with the maze mob, among others, reminding us that throughout the Govt-19 epidemic they did not consistently target hospitals. Out of moral concern,” he said.
“This is in line with the relatively new tactic of stealing data from their victims. Threatening to post publicly on websites. These big gangs also make a lot of public posts on the dark web as they engage clients in court Creating business alliances.
“I can only imagine that public relations now cares more about them because they rely more on publicity and good faith from their partners and victims in order to successfully carry out extortion tactics.”
Comparitech.com Security expert Brian Higgins takes a similar view. “I suspect it’s nothing more than seeking the attention of the DarkSite group,” he said.
“Firstly, $ 10,000 is a paltry sum compared to the large sums of money they confiscated from victims, so this is not a big philanthropic gesture. Second, no trustworthy charity will accept donations that prove the proceeds of the crime.”
According to Higgins, in making these donations, DarkSite tested the water to try to swindle the proceeds of its efforts, but the possibility of the perpetrators being in their hands for too long was high, he said. To mention tapping “too much” stolen money. After all, there is a limit Number of Lamborghinis One can show prominence on Instagram without attracting attention.
“If they were really serious about making the world a better place, they would all be selling their laptops and staying away from the Internet,” Higgins said.