Joe Uchill

There was a point 8 years ago when attacking hospitals was too much for ransomware practitioners.

After the Hollywood Presbyterian ransomware attack in 2016, the majority condemned it on criminal forums. One reported quote:

"from the bottom of my heart, I sincerely wish that the mothers of all ransomware distributors end up in the hospital, and that the computer responsible for the resuscitation machine gets infected with [the ransomware]"

Feb 28, 2024 at 11:46pmWeb
Show threadJoe UchillFeb 29, 2024
Here's some links on that point:
https://flashpoint.io/blog/ransomware-ethical-dilemma-eastern-european-underground/
How Ransomware has become an ‘Ethical’ Dilemma in the Eastern European Underground

Researchers from Anomali and Flashpoint observed that ransomware has become a nuanced ethical dilemma among Eastern European cybercriminals.

Flashpoint
Show threadJoe UchillFeb 29, 2024
https://www.zdnet.com/article/hackers-split-on-ethics-of-ransomware-attacks-on-hospitals/
Hackers split on 'ethics' of ransomware attacks on hospitals

Ransomware might be lucrative for some cybercriminals, but there are those who condemn holding hospitals to ransom.

ZDNET
Show threadAlanFeb 29, 2024
@JoeUchill Ransomware criminals having higher ethical principles than the IDF was not something I had on my... 2016 bingo card?
Show threadBrett CallowFeb 29, 2024
@JoeUchill In 2016, the average ransom was less than $5k whereas it now stands at $1.5 million. That's probably changed people's ethical boundaries. So too will the US's support of Ukraine.
Show threadJoe UchillFeb 29, 2024
@brett
Like my mom always said: Never risk killing children for less than $1.25 million.
Show threadjonas Mar 1, 2024
@JoeUchill interesting reading, but this years ago, before the attack on Ukraine. How is the current state of this mentality? Is it now more legitimate to attack hospitals?
Show threadJoe UchillMar 1, 2024

@jbg
I was posting this in response to a children's hospital being hit by ransomware - so it's safe to say criminals are more lenient than they used to be.

As @brett notes, average ransoms are up dramatically since 2017, which might loosen morals a bit.

Generally - and this rule has been true forever - the only rule for these groups is not to attack within the Russian Federation.

Show threadJoe UchillMar 1, 2024
@jbg @brett
Emsisoft calculated more than 140 hospitals across nearly 50 hospital systems were hit by ransomware in 2023. It's a thriving business.