  • 2 years ago
Cyber security expert and risk consultant Shiva Parasram dug into the TSTT data dump; what he found may surprise you.
Transcript
00:00 Cyber risk consultant, lecturer and author Shiva Parasram took us through the TSTT files
00:07 uploaded to the dark web by cyber attackers Ransom X.
00:12 We saw a text file containing thousands of names and associated numerical information
00:19 believed to be payment records.
00:21 There's a file called I think it's customer.txt and it's about 1 gigabyte in size and it's
00:30 like thousands upon thousands of names and entries and what could possibly be account
00:37 numbers.
00:38 There are scans of letters that persons would have sent in requesting services or changes
00:45 to services.
00:46 They have any letters obviously would have people's signatures, their contact number,
00:52 their driver's permit ID attached to some of those. In those same folders you have scans
01:00 of their passports, their driver's permit.
01:03 There we were able to see the names of Prime Minister Dr. Keith Rowley, ministers including
01:09 Colm Imbert, prominent businessmen like Norman Sabga and even the regular Joes like myself.
01:17 The worst part, the subject matter expert points out, is the picture IDs of persons
01:23 in numerically named folders in a scanned document file.
01:28 Additionally, there are correspondences with signatures of clients, and that's exactly
01:34 what Shiva says hackers like Ransom X are looking for.
01:39 So basically what they try to get is a lot of what we call PII, which is personally identifiable
01:45 information.
01:47 That could be anything that could identify a person digitally such as your name, email
01:52 address, ID number, user names, passwords if possible.
01:56 So that's what we call PII and in certain parts of the world, certain countries, you
02:05 have a lot of legislation that goes into place so that if companies are breached and their
02:10 customers' PII is divulged, they pay very exorbitant fines and stuff.
02:16 So they know that sometimes you can keep this quiet, sometimes you can't, but either way
02:22 it may even work up to pay them less than you might have to in fines.
02:27 He's the owner of Computer Forensics Institute and says companies like Ransom X steal information
02:34 and threaten to release the data if companies do not pay the requested ransom.
02:41 Notifications, he says, are posted on the computers of users indicating their system
02:47 was breached.
02:48 On any text file, you'll see that your files have been encrypted.
02:52 If you'd like to decrypt, please, they'll give you a dark web address.
02:57 You go to that dark web address, they have the payment wallet for whatever crypto like
03:01 Bitcoin or something.
03:04 You somehow miraculously find the money and you pay the ransom and maybe, not guaranteed
03:12 at all because it's a criminal organization, maybe they might give you the decryptor to
03:16 decrypt the files.
03:17 And since Ransom X claimed the breach and released sensitive information, does that
03:23 mean TSTT did not pay the ransom?
03:27 I don't want to speculate because from what we've seen usually there might be a timer
03:31 or something like that or something to indicate that there was a ransom.
03:35 But at least from what we've seen so far, I haven't seen anything like that.
03:41 So typically though, it is customary that they will release the data if a ransom is
03:47 not paid.
03:48 Ransom X also managed to retrieve passwords, though from 2019. It may interest you to see
03:55 these passwords do not contain the recommended strength.
04:00 These hackers, he says, are professionals and even breached multi-billion dollar companies
04:05 like Ferrari.
04:07 He says once information is posted on the dark web, it cannot be erased.
04:12 This is actually a perfect opportunity to get something like this started because at
04:17 the beginning, we don't even have any legislation that says if a company is breached that you
04:21 have to let your clients know.
04:23 So this could have easily gone under the radar if guys like Mark and stuff didn't probably
04:30 publish this in a tech actor's website and stuff.
04:33 Shiva is advising customers to not open the said document being shared as it likely contains
04:40 malware which can infect your system.
04:43 One company, he says, is working on a search engine to see if your name appears.
04:48 But searching thousands of folders of scanned documents for your IDs would be very difficult.
04:54 Additionally, once Ransom X gets inside a system, they can still be there and leave
05:00 back doors open for other hackers.
05:03 Shiva says legislation needs to be introduced and state companies and agencies need to do
05:10 regular training and retraining of staff and users of consoles to ensure breaches do not
05:17 recur.
05:18 Urvashi Tiwari-Roopnarine, TV6 News.