by shittyadmin 2591 days ago
I feel this is actually a decent service for a few reasons:

- Many average users don't want to understand cryptocurrencies; how to safely and securely buy and use them is a challenge in and of itself.

- They're on the hook and the client pays nothing if the ransomer fails to provide a working key.

- They'll also manage the ransom decryption software - if there are problems with it, there are 3rd party tools that can often do a better job of decryption than the original decryption tool. Again, this is something that's going to be complicated for average users to deal with.

- For some ransomware there are decryption processes available without the need to pay the ransom; figuring out which of these applies can be challenging.

- Certain institutions may be unable or unwilling to work with the attacker directly - introducing a middle man to broker can help solve this.

Overall the piece seems somewhat hyperbolic.

7 comments

Yeah, seems like a great service to a certain degree. But it's not the service they're selling and they're lying to their customers. Their service incentivizes ransomware authors, so this absolutely needs transparency. I assume most people go to them because they want the problem solved but they feel they shouldn't be paying the hostage takers. "we don't negotiate with terrorists" comes to mind. So if this service is doing exactly this and making the situation worse for everybody else, this is something that needs to be consciously weighed off and decided by the people considering their services.
If they're making money from ransomware they have no incentive to stop or prevent ransomware. Being the English speaking liaison for ransomware isn't really that different from being an accomplice after a certain point, they both get their cut as long as the industry is booming.
I wonder how many of these "white hat middlemen" are also the ransomware owners...

Obviously the two companies collaborating would give benefits to each other, and it might just be a convenient way to separate the illegal from the legal...

This was my first thought as well. What’s the biggest risk when you’re paying the ransom? That the thief will run off with the bitcoin without providing the key. The easiest way to mitigate that risk is to either collaborate with the thieves or become the thieves.
Bet they run the Antivirus companies too! It's all a racket!
It can be better to know, but ignore the truth, to avoid unsavoury corporate discussions like:

“Are we paying a bribe? I’ll have to create a new line item in SAP for that” asks Alice from accounting,

and

“I need them to sign this form saying they haven’t tortured anyone in the past 5 years”, Bob from procurement auditing.

Or

“Please have one of their senior directors sign this form declaring that none of their funds employees are based in any of these embargoed countries. I’ve attached the list.” Charlie from legal

> Their service incentivizes ransomware authors, so this absolutely needs transparency.

I don't think that companies that offer ransomware decryption services have a problem with this incentive. More ransomware means more customers for their "decryption services". ;-)

For most people, they want their problem solved, plain and simple. And they rather not know the details on how you solved it or how it affects others. Especially when it comes to something as urgent as someone holding your data hostage. So to a degree, I am OK with this service.

> they want their problem solved, plain and simple. And they rather not know the details on how you solved it or how it affects others

In general, this sounds like a dangerous attitude. Asking people to do "whatever it takes" to solve an immediate problem, with no consideration of wider or longer-term effects, frequently leads to more trouble in the end.

Yep, I agree, but it's easier said than done, especially when there's a hair on fire situation.
Wow, is the world drowning in cynicism? I want a service that breaks the ransomware encryption and researches into that direction to ultimately make the incredibly hurtful extortion of vulnerable computer users not viable. To me these companies are criminals if they facilitate the extortion.
Exactly at this point the "decrypter" companies are just partners of the cyber-criminals, they have the same incentives, share the same profits and both are unethical.
Not quite the same incentive - one needs to stay anonymous as they are breaking the law, and the other is legal and can operate in plain sight.
It's legal to lie about paying the extortioners?
At worst, it’s breach of contract. At best, it makes the accounting and legal checks on your supplier very easy.

$10k to Bob’s IT consultancy within the same state is a lot easier than $10k that ultimately leads to a country that may be embargoed.

> easier than $10k that ultimately leads to a country that may be embargoed

In which case the middleman/coconspirator would add one more, completely unrelated crime to their list.

Those aren't incentives, those are just operational parameters.

The incentive in both cases is money, specifically from people who feel vulnerable enough to pay but not so vulnerable that they give up hope.

front-end vs back-end

sales vs engineering

triage vs diagnostics

collections vs billing

Sounds like a complete service being offered by two separate legal entities with the purpose to evade.

Most ransomware is using standard public key cryptography, there is no chance of breaking it. If it is broken, only the intelligence agencies would know. They wouldn't use this weapon on something so trivial.
In that case companies shouldn't be advertising services they cannot provide without facilitating crime (especially since they lie and tell their customers they aren't paying the criminals). Smells an awful lot like fraud, if not an outright criminal conspiracy given they are skimming the proceeds of a crime.
Lots of ransomware is very poorly written. There have been a number of ransomware cases in which people were able to recover the keys.
There is indeed such a service, it's called "versioned remote backup". As long as the ransomware is not specifically targeting the backup client in order to damage the backed-up files, you just reinstall and restore.
And all of that would be a fine service if they were honest about it.
Plausible deniability for a CTO that doesn't want to be known for negotiating with terrorists As A Service?
TNaaS: Terrorist Negotiation as a Service. It's the biggest new craze since blockchain.
There already exists ransom insurance (the real-life kind of ransom), and private ransom negotiators, so TNaaS isn't such a stretch at this point.
Professional negotiator is a well respected role and they're used all the time by police etc. This seems like a fairly direct analogue, so...?

(Full disclosure since someone else was asking for it: I have nothing to do with any of this stuff.)

Other than the fact that they are directly facilitating crime...
It would be a crime to put hospital patients in danger
I'd throw two more hats into that ring:

- It looks bad to the public if companies directly pay the ransomware creator. Decryption companies can act as a PR "buffer" in that respect.

- By funneling the western world's contact with ransomware creators through a small number of companies, we create an incentive for ransomware creators to follow through with providing the decryption keys and not play games with the price. If they fail to hold up their end of the bargain, their reputation will immediately be ruined within the small number of companies that do this.

And surely there is nothing wrong with the alignment of ransomware authors' and this friendly service's incentives.
It would be decent if it openly advertised as a middleman broker service for paying the ransom to the criminals. False advertising is always a bad sign - if you need to hide what you're doing from your client, you know the client wouldn't like it, and are setting up to deceive them.
Full disclosure?