QANTAS Cyber Incident

[Aeryn]

I thankfully have not noticed any increase in SPAM, Gmail SPAM protector is pretty good

 

[SYD]

why do hackers steal data from companies?

maybe malice in which they’ll completely screw up the targets data, or for ransom to get money.

Its illegal for a Australian company to pay bribes Overseas; is it illegal for an Australian company to pay a ransom?

It’s often primarily for the companies IP. Think countries that could benefit from that….

Otherwise, just a’holes that enjoy making cough of themselves…

 

[Daver6]

why do hackers steal data from companies?

maybe malice in which they’ll completely screw up the targets data, or for ransom to get money.

Its illegal for a Australian company to pay bribes Overseas; is it illegal for an Australian company to pay a ransom?

When it's customer data it's general for ransom.

 

[Himeno]

Its illegal for a Australian company to pay bribes Overseas; is it illegal for an Australian company to pay a ransom?

So it's legal for an Australian company to pay bribes in Australia?

 

[RooFlyer]

We have heard that Qantas is in contact with the hackers.

So, how's the discussion likely to to be going?

They are negotiating over our personal information, not their corporate info. No loss to Qantas if they say "get stuffed, no payment". So, how did the discussion go, I wonder?

So it's legal for an Australian company to pay bribes in Australia?

Tell us.

 

[Aeryn]

FYI FAQs Cyber Sanctions and Ransomware Payments

 

[RooFlyer]

FYI FAQs Cyber Sanctions and Ransomware Payments

Interesting. So as long as the Qantas 'ransomers' aren't Sanctioned, they can carry on.

 

[Aeryn]

Interesting. So as long as the Qantas 'ransomers' aren't Sanctioned, they can carry on.

It would seem so, and likely very possible some Aussie companies have paid ransoms, just not widely reported.

 

[justinbrett]

Caesars and MGM both got hacked (the two largest gaming companies in Vegas), Caesars paid the ransom, MGM didn’t.

IMO they should never pay. It only funds more hacks.

 

[RooFlyer]

Given the time that's elapsed, and the necessary short time from for data hackers to get money, and the absence of any noise relating to data being released, maybe Qantas has paid the hackers.

Wonder how that might appear on the balance sheet.

When I was working in Saudi and Egypt for a very conservative Australian mining company, we were told to get everything receipted and not to pay bribes. Not a problem. We got receipts and were reimbursed for for بقشيش. (bakshish ). Everyone happy.

 

[justinbrett]

Given the time that's elapsed, and the necessary short time from for data hackers to get money, and the absence of any noise relating to data being released, maybe Qantas has paid the hackers.

Wonder how that might appear on the balance sheet.

When I was working in Saudi and Egypt for a very conservative Australian mining company, we were told to get everything receipted and not to pay bribes. Not a problem. We got receipts and were reimbursed for for بقشيش. (bakshish ). Everyone happy.

Why on earth would they do that?

They’ve already taken the PR hit. QF can never know definitively if the data has changed hands - and the data in question for many is already out there. You can see on this thread countless people blaming QF for spam, phishing etc but it’s almost certainly a co-incidence. But who knows? You’re not going to see a headline that the data has been sold. It’s the dark web, not Amazon.

Makes absolutely no sense why QF would pay and not disclose that they had, zero PR gain and a further financial loss.

The Caesars data breach of 65M customers cost them US$15M in ransom (though Scattered Spider asked for 30). Likely the board bonus cuts might just be able to pay it (assuming pro-rata on the number of customers). But I don’t think they will, and if I’m wrong on that, I would think it would be made public. However I think that would be controversial and probably a net PR negative compared to doing nothing.

The payment couldn’t be made without the federal government knowing so I’m quite sure they would be consulted, who would have a very strong preference that QF didn’t pay. This isn’t something QF can hide.