On Sept. 25, 2023, an obscure cybercriminal group known as RansomedVC made the startling claim that it had “successfully compromised all of Sony systems.” The world sat up at what appeared to be yet another ransomware raid on a well-known brand name. However, this one was a bit different from the usual playbook everyone is used to. According to the attackers:
“We wont ransom them! we will sell the data. due to Sony not wanting to pay.”
Strange Mirror World
So, not strictly a ransomware attack at all, because there was not going to be a formal ransom demand. This was more like data theft—a claimed 260GB—for a price reported to be $2.5 million. Bizarrely, the group’s message even threatened to report its hack to the “EU’s GDPR agency,” whatever the attackers meant by that.
That is all assuming, of course, that the attack happened at all, an uncertainty that hasn’t stopped someone setting up a Wikipedia page titled “2023 Sony ransomware hack” as if it had.
Welcome to the strange mirror world where things happen, or perhaps don’t happen, or perhaps happen but are being exaggerated. Sony’s response on the matter was to send a holding statement to news outlets, including Bleeping Computer:
“We are currently investigating the situation, and we have no further comment at this time.”
The fact that Sony hasn’t denied the possibility of an attack could be interpreted as an inadvertent admission, although it’s just as likely that Sony doesn’t yet know and is trying to avoid saying something misleading.
Ransomware Attack or Data Extortion?
More notable is the unusual MO of the attackers, commented on by security firm Flashpoint at the time of the group’s appearance in August.
The group’s tactics look more like data extortion than classic ransomware—buy the data or we’ll sell it to someone else. But what’s the difference? Arguably, the difference is that paying the “ransom” becomes a competitive bid rather than a payment. It’s a subtle distinction and perhaps a meaningless one, as everyone knows that even when a ransom is paid, data will invariably still be sold.
Or perhaps it points to the future evolution of all ransomware. In a world where data can be stolen but organizations refuse to pay ransoms (or are stopped from paying them by law), this could be a path forward for attackers—create a more open extortion supermarket for stolen data.
Troubled History
These possibilities underline how much cybercrime has evolved since Sony was last afflicted with cybersecurity troubles. First in 2011, when an attack on the PlayStation Network (PSN) led to the breach of 77 million accounts, then a later attack in 2014, when the company’s Sony Pictures subsidiary was brought to a standstill by a large data leak later attributed to North Korea.
Even though big hacks like this seem less likely today, the mood around cybersecurity has darkened. Before, it was about well-resourced groups attacking large companies. Now, even tiny startups such as RansomedVC can plausibly get their hands on enough data to cause trouble, targeting anyone and everyone at will.