David Beckham refused to pay £1 million to blackmailers to stop a leak of his emails, it has been reported. Hackers believed to be using Russian servers accessed millions of messages and documents from the computer system of Simon Oliveira’s agency which runs Mr Beckham’s publicity. The cyber criminals allegedly demanded a sum of one million euros – close to £1 million – not to expose the sensitive emails. IT security experts from Lieberman Software, AlienVault and ESET commented below.

Jonathan Sander, VP of Product Strategy at Lieberman Software:

Jonathan Sander“Cybercrime powered blackmail is a police matter and it’s good that David Beckham treated it that way by going to the authorities. Too many people and organizations, faced with ransomware or more targeted cybercrime, treat it like an IT issue not a criminal affair. That hurts them and also hurts the overall community because it robs the authorities of a full view of the activities of the bad guys. There may be electronic fingerprints in one case that’s never reported that would solve dozens of others sitting on file.”

.

Javvad Malik, Security Advocate at AlienVault:

Javvad MalikWhile third party security has been a concern for many large Enterprises, this incident goes to show that individuals and small businesses are just as likely to be compromised by attackers.

Companies that deal with others’ data need to be extra vigilant against attackers who may want access to their client’s data.”

.

Mark James, IT Security Specialist at ESET:

mark-james“Celebrities are always going to be a high level target when it comes to cyber criminals and blackmail. In all cases of blackmail (including ransomware) there is a chance that even if you do pay the initial payment there is nothing stopping the criminals from asking for more money once you have paid. In this case your decisions are fairly limited; do they actually have the material? Do I want it in the public domain? What if they want more money? And of course the problem with a digital ransom is they could easily make copies to use later or sell on to other sources and you’re back to square one!

The most sensible thing to do here is not pay the ransom, notify the police and deal with the outcome. The emails themselves may or may not be released and of course knowing they could easily be manipulated to bring disrepute to the owner means you have no real control of how they may be received by the public, honesty is the best policy.”

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.