Scottish mental health charity SAMH has announced that it has been left "devastated" by a ransomware attack that has seen personal information spilled out onto the net.
In a statement, SAMH chief executive Billy Watson said:
"We are devastated by this attack. It is difficult to understand why anyone would deliberately try to disrupt the work of an organisation that is relied on by people at their most vulnerable."
SAMH (the Scottish Association for Mental Health) helps provide care and support for adults and young people suffering from issues with their mental health, and campaigns to influence positive social change.
It doesn't sound to me like an organisation that is rolling round in money, dripping in diamonds, with plenty of cash going spare to convert into cryptocurrency to fill the digital pockets of its extortionists.
And yet the RansomEXX ransomware gang has seen fit to publish on the dark web 12GB of data stolen from the Scottish charity, including unredacted photographs of individuals' driving licences, passports, personal information such as volunteers' home addresses and phone numbers, and - in some cases - even passwords and credit card details.
SAMH's Watson explained that the charity was doing what it could to continue to support those in need, despite the problems caused by the ransomware attack:
"Our priority is to continue to do everything we can to deliver our vital services. My thanks to our staff team who, under difficult circumstances, are finding ways to keep our support services running to ensure those they support experience as little disruption as possible."
So, here's my message to RansomEXX:
You're not going to get paid a ransom by SAMH - they simply don't have the means to spend money on extortionists when they need every penny they can to support those with very real needs.
So stop dreaming they'll pay you. Hand over the decryption keys to SAMH so they can restore their systems, and permanently erase the information you have stolen from them. If you have an ounce of decency within you, help the SAMH in their hour of need.
And think long and hard about the many innocent victims that find their lives disrupted and inconvenienced when you launch a ransomware attack.
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsDecember 19, 2024
November 14, 2024