Medibank should have negotiated and paid the ransom demanded by hackers after its data systems were breached exposing the details of almost 10 million current and former customers, argues a cybersecurity expert.
Chris Rock, a professional hacker who co-founded global company SIEMonster, which is based in New York and has partnerships with Amazon and Oracle, says the hackers that Medibank are negotiating with are, like it or not, business people.
“They are not just one-time wonders, this is a business for them,” says Rock, who is an Australian. He argues that once a ransom is paid it’s not in the hackers’ interest to leak the information. And while there is no guarantee, Rock says if the hackers leak the information after receiving payment, then the next company they target won’t pay.
Rock, who for the past three decades has worked for governments, universities, and companies such as Australia’s BlueScope Steel, says he knows his view is in the minority.
The board and management of Medibank, Australia’s largest health insurer with 27.3 per cent of the market, have refused to pay the hackers the $US9.7 million ($14.6 million) ransom they demanded. The federal government and its security agencies also advised against payment.
Since the attack by Russian hackers was made public in mid-October, the personal information and health conditions of some Medibank customers have been released in batches on the dark web. This has included information on Medibank customers who have had abortions and received treatment for mental health conditions. The hackers released a further block of customer records on the weekend, which included details on chronic conditions such as heart disease, and details of people with cancer, dementia, and infections.
Medibank was verifying those recent records that were released. The company’s chairman, Mike Wilkins, and chief executive David Koczkar have issued a number of apologies to customers.