David Beckham refused to pay £1 million to blackmailers to stop a leak of his emails, it has been reported. Hackers believed to be using Russian servers accessed millions of messages and documents from the computer system of Simon Oliveira’s agency which runs Mr Beckham’s publicity. The cyber criminals allegedly demanded a sum of one million euros – close to £1 million – not to expose the sensitive emails. IT security experts from Lieberman Software, AlienVault and ESET commented below.
“Cybercrime powered blackmail is a police matter and it’s good that David Beckham treated it that way by going to the authorities. Too many people and organizations, faced with ransomware or more targeted cybercrime, treat it like an IT issue not a criminal affair. That hurts them and also hurts the overall community because it robs the authorities of a full view of the activities of the bad guys. There may be electronic fingerprints in one case that’s never reported that would solve dozens of others sitting on file.”
.
Javvad Malik, Security Advocate at AlienVault:
“While third party security has been a concern for many large Enterprises, this incident goes to show that individuals and small businesses are just as likely to be compromised by attackers.
Companies that deal with others’ data need to be extra vigilant against attackers who may want access to their client’s data.”
“Celebrities are always going to be a high level target when it comes to cyber criminals and blackmail. In all cases of blackmail (including ransomware) there is a chance that even if you do pay the initial payment there is nothing stopping the criminals from asking for more money once you have paid. In this case your decisions are fairly limited; do they actually have the material? Do I want it in the public domain? What if they want more money? And of course the problem with a digital ransom is they could easily make copies to use later or sell on to other sources and you’re back to square one!
The most sensible thing to do here is not pay the ransom, notify the police and deal with the outcome. The emails themselves may or may not be released and of course knowing they could easily be manipulated to bring disrepute to the owner means you have no real control of how they may be received by the public, honesty is the best policy.”
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.