Carlson Wagonlit Travel, is an American company specializing in the management of business travel. A victim of blackmail, she paid $ 4.5 million to cybercriminals who claimed to have stolen a large amount of data, sometimes personal. Analysts from CybelAngel, a French group specializing in data leak detection, have discovered the exchanges between these web pirates and Carlson Wagonlit Travel. They reveal almost courteous relationships and a surprising dialogue between victim and blackmailers.
>> ALSO READ - "Cybercrime SMEs": who are the hackers behind the cyberattack on the Rouen University Hospital?
"We are businessmen just like you"
"We appreciate that you are ready to make a deal quickly. We are business people just like you." Politeness dominates and criminals even offer a discount for prompt payment. Requiring $ 10 million at the start, they will finally agree to go down to 4.5 after having estimated that their victim was already hard hit by the health crisis.
"The attacker puts himself in a position where he says he understands his victim. Which is a very perverse and unhealthy attitude but which is quite common," said Erwan Keraudy, CEO of the CybelAngel group who discovered the conversation. Ironically, the hackers even go so far as to give advice to the company to better secure its data.
>> Find the morning show of the day in replay and podcast here
According to Erwan Keraudy, this attitude makes it possible to maintain a "relatively peaceful climate" in a "completely exceptional situation". But do not be mistaken: "You must not pay", he asserts. "Hackers are not there to protect you and give you advice but rather to make money." For the specialist, one thing is certain: you should never try to negotiate with hackers, but rather cut short the discussion or file a complaint directly.