This is the web version of CEO Daily. To have it delivered to your inbox,register here.
Hello. David Meyer here in Berlin, replacing Alan.
What should you do if you are attacked by online extortionists? If you are CD Projekt, the Polish studio behind the Witcher recent games and blockbuster Cyberpunk 2077, the answer to the ransomware threat is openness.
This morning CD Projekt announced on Twitter that someone had broken into their internal network, stole data, encrypted some systems, and left a ransom note – which the company also posted in the tweet. The attackers threatened to publish the source code of CD Projekt Red online and give journalists internal documents relating to accounting, investor relations, etc.
“We will not give in to requests or negotiate with the actor, knowing that this could potentially lead to the disclosure of the compromised data,” the company said, adding that it had notified law enforcement as well as the Polish data protection authority. , although he does not believe “for the moment” that the personal data of the players or the users was taken in the hold-up.
CD Projekt’s stock price fell 6% on the news, and responses to his tweet also show a mix of schadenfreude and disbelief on the part of some players.Cyberpunk 2077the liberation of plagued by bugs on PC and older consoles, its reputation was therefore already precarious. The company may have had no choice but to get ahead of the news, given the additional damage to reputation that could result from attempting to cover up the breach and its discovery.
But leaving this context aside, CD Projekt’s answer seems to be the correct one. Minimizing the threat of ransomware seems insane when it continues to grow at a rapid rate and when extortionists are, shall we say, less than trustworthy.
Publication of cybersecurity company Proofpoint a survey yesterday suggesting two-thirds US organizations were hit by ransomware infections last year, and more than half of them agreed to pay the ransom so they could quickly regain access to their data. But only 60% actually had this access after the initial payment – the rest then received additional ransom demands, which paid the most.
Probably wise to CD Projekt not to play the attacker’s game, then. More news below.