So these lads, the glowies assisting the embattled regime… the Russians gave their own system a black eye. Hmm…
What is this, a New Zealand company offers the HSE a free decryption tool and the hackers also give the HSE a free decryption tool so that means the hackers are… 's no? Well maybe, maybe not.
HSE cyberattack: New Zealand company offers decryption tool in response to attack
HSE officials hope a tool developed by a New Zealand company, which has been offered to the State for free, will significantly speed up the restoration of systems following last week’s ransomware attack.
On Thursday the gang behind the cyberattack gave the HSE a decryption tool to restore the health service systems which had been rendered useless by the malware known as Conti.
On Friday officials concluded this tool is genuine and that it works, but that the software is “flawed” and “buggy”. Restoring the systems using the tool would likely take weeks, and it may be quicker to manually restore the systems from back-ups rather than using it.
There were also concerns the software supplied by the gang could contain “backdoors” which may allow for further attacks.
Contractors working for the National Cyber Security Centre (NCSC), which is leading the response to the attack, are now assessing a tool offered by the New Zealand cybersecurity company Emsisoft which may be able to restore systems twice as fast.
The tool extracts the decryption key from the software provided by the hackers and puts it into a package custom-made by the company which should be far more efficient and far more stable.
It is hoped the software may work twice as fast as the tool provided by the hackers.
Hmmm… really, maybe, maybe it is so, or maybe it’s the journos’ lack of knowledge, maybe, but the language and all these freebie tools, sure is HIGHLY ambiguous and well confusing but let’s have a look, perhaps this is the magical FREE TOOL after all?
So I was right, they are trying to reverse engineer it and/or crack it.
Our straightforward recovery process
- We analyze your infection within hours and advise whether no-cost recovery is possible using existing decryption tools and techniques.
- If our reverse engineers find errors in the encryption code, we try to crack it and build a decrypter that doesn’t require paying the ransom.
- If the encryption can’t be cracked at all, we try to find suitable technical workarounds that can be used to significantly reduce the paid ransom.
It is very possible they have not gotten any encryption key. It really is.
It’s notable how the media coverage mirrors these sites’ procedural info pages.
If you already paid the ransom but the decryptor doesn’t work
Sometimes the provided decryptor is horribly slow or faulty, but we can extract the decryption code and create a custom built solution for your ransomware strain that decrypts up to 50% faster with less risk of data damage or loss.
Finally, and sure one last thing we don’t have to worry about right? I mean it’s not as if they paid them loads of bitcoins and then found out the decryption key was “faulty”, “flawed” or “buggy” and no one had a clue how to utilise it efficiently, no they got it for free and found out it was a bit “faulty”, “flawed” and “buggy”, so thank heavens eh lads you didn’t pony up for it and find out it was a pile of shyte now did ya lads?
It’s a close shave of a difference between a lock picker and lock smith.