Security expert Benjamin Särkkä says that the Finnish white-hat hacker group is eager to break into a psychotherapy center Vastamo.
The task of so-called white hat hackers is to take care of information security, look for vulnerabilities in other companies' information systems and develop information security.
Read more: KRP: Investigation area the size of the earth, tens of thousands of victims - all this is known about the Vastamo tangle
The group has collected data crumbs and digital traces found on the internet and passed on all the information it found to the police.
The data can be, for example, screenshots of sites and messages or data containing metadata.
- This is not an organized activity.
We have such a group with similar ideology and the same motives.
We want to make sure that the police have all the information they can, that the perpetrator is caught and that people get help, Särkkä says.
- We provide the police with everything we think is relevant and important.
It is ultimately up to the police to weigh the information they receive, it is not our job.
Similarly, the police are wondering if there is enough evidence that a crime has taken place, although in this case it seems pretty obvious.
Särkä has his own clear opinion about the perpetrator.
- The person or group that has done this is, in my opinion, the lowest pollution!
It’s a great thing that people in difficulty have dared to seek help for their problems.
But I will not digest the fact that first the health information of such people will be stolen and money will be blackmailed by the intimidation that the information will be published online and a ransom will be required not to be published, Särkkä says.
Read more: Aleksi Valavuori, a victim of the Vastamo blackmail, sent a strong message to the criminal - "Congratulations on your trip, miserable reptile!"
- This is by no means the fault of the victims.
The victims have not done anything wrong and they could not have done anything different.
Särkkä thinks that, based on the cracks in the information received, it seems that there is probably not a technically highly skilled group of professional criminals behind the act.
- It must be assumed that this is a first-time person who, for one reason or another, has gained access to Vastamo's information and has thought that by tightening Vastamo, he will gain quick and easy masses.
The author has not been able to expect this to swell so big and that statements will be made up to the President of the Republic Sauli Niinistö, Särkkä presents.
- In addition, there is something about a person or group that they have no problem breaking the law, that is, a person or group of low morals.
It is not yet known how the hacker gained access to the patient information system about the information security leak at the Psychotherapy Center. Photo: Antti Hämäläinen / IS
In addition, the perpetrator may have some motive to blackmail the Response: the information has been accessed, and that information has blackmailed the Response and then individual patients.
At least immediately, the author has not had an interest in publishing all the information he or she has received.
Särkkä mentions that there is still no information on how the author has accessed patients' personal and health information.
- Some security control has failed at the end of Vastamo, probably more.
However, it is possible that the hacker and the sender of the blackmail messages are not the same person, as anyone could have copied the information displayed on the encrypted Tor network.
The hacker has communicated in fluent English, the blackmail messages were written in plain Finnish, not through any translation program.
In addition, information has been shared in Finnish-language forums that require identification information in Finnish.
It suggests that the author is Finnish or that at least someone Finnish is in the group.
- Of course, there are many people with extreme language skills in Finland, of course.
And even if the author is Finnish, he does not necessarily have to live in Finland.
That is why it is important that all the messages received are forwarded to the authorities, Särkkä suggests.
Särkkä suspects that all the details of the case will never be known.
Not even in the event that the perpetrator is caught and brought to justice.
- The trial would probably be declared secret, as the personal and health information of the blackmailers would be revealed there.
It may be that the general public will never receive definitive information about exactly what has happened, Särkkä thinks.
However, Särkkä hopes that many other companies will learn a lesson and a thorough moment of reflection on Vastamo's hacking.
- It would be good if different companies seriously considered whether our company also has customer information that should be protected in a completely different way, so that the same could not happen in our company in the eternal world.
That potential security threats would be identified, that the information would be responded to and secured appropriately, Särkkä says.