Online extortion can take various forms.
Othertimes businesses and end users find that their systems have been hit by ransomware and, in the absence of a secure backup, find themselves having to pay off the internet low-lives who attacked them for the safe return of the encrypted data.
And then there are the hacking gangs who are breaking into businesses, stealing corporate data and email archives, and then threatening to share it with security journalists who will write juicy stories about the information that has been stolen.
The idea, I suppose, is that the sheer fact that a company has been hacked does damage to the company’s brand. Partners and customers may be concerned, it might be bad for business. Malicious hackers, therefore, try to leverage the threat of releasing details of a hack in order to extort hush money.
I don’t have a problem writing about companies that have been hacked. But I feel considerably less comfortable when I feel like I’m an accessory to blackmail.
TheDarkOverlord is one hacking group that has been engaged in this practice lately, attacking an investment bank.
And most recently they hacked Gorilla Glue.
So when TheDarkOverlord hacking group contacted me a few days ago, sharing private links to email archives they had stolen from Gorilla Glue, I had some thinking to do.
TheDarkOverlord wanted me to download the stolen data and write about the private conversations and business plans. But no, I wasn’t prepared to play ball.
There are, no doubt, other sites who will be all too happy to get some cheap clicks at the expense of a company that has suffered a criminal attack.
But this isn’t one of them.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.