On September 22, Nathan Wyatt, the leader of The Dark Overlord (TDO), was sentenced to five years in prison. The 39-year-old Englishman, who was extradited to the U.S. in December last year, pleaded guilty to the charges. The Missouri federal district court ordered him to pay almost $1.5m in restitution in addition to the five-year sentence.
What did he do?
The Dark Overlord is a hacker organization that first attracted the public's attention with its massive cyberattacks on healthcare companies. They stole and sold 650,000 people’s medical records on the dark web.
Since then, they’ve been all over the news, their crimes ranging from malicious to incredibly disturbing.
- The group hacked businesses and private individuals, stole their data, and threatened to publish it online unless they paid a ransom in Bitcoin. The hackers targeted banks, medical companies, and private individuals. If the victims ignored the attackers’ requests, their friends and family members received threatening messages too. Wyatt was usually the one behind these threats, even attacking the victims’ children so the parents would pay up. These threatening calls and messages eventually led the investigators to Wyatt.
- One of the hackers’ largest attacks was against Lloyd's of London, an insurance marketplace. TDO claimed that they’d stolen significant amounts of incriminating insurance documents related to the 9/11 attacks. The hackers announced that they would release these documents to the public unless Lloyd’s paid $2m in Bitcoin. However, no ransom has been paid since December 31, 2018, and TDO is releasing the confidential documents in stages. It’s still unclear whether they contain any valuable information.
- One of the group’s most disturbing attacks happened in 2017 when they targeted schools in Columbia Falls, Montana. More than 30 schools had to be closed down due to death threats students and their parents received from the hackers. As usual, the victims were asked to pay money to be left unharmed.
How do you stay safe?
Cybercriminals don’t always get away with their crimes. However, cases in which they are found are few and far between. It’s easier to avoid cyberthreats in the first place than to deal with the aftermath.
These types of cyberattacks are mostly aimed at companies that handle sensitive data, CEOs, and other large and/or wealthy targets. But even a middle-level manager with enough access permissions could become a target.
What should public organizations, companies, and individuals do to prevent these things from happening?
- Keep your data safe. Use firewalls and cloud backups, and encrypt sensitive information.
- Access management. Make sure that employees have access only to the data they really need. A lot of breaches happen when too many people have access to sensitive company data. The more entry points there are, the harder it is to guard them.
- Hide your company’s contacts. No emails, phone numbers, and addresses should be available to the public. Have an online contact form instead.
- Know the risks. Phishing techniques are getting more sophisticated each day. Every employee in the company should know how they work, so hold regular cybersecurity training sessions. Spear phishing, whaling, and other social engineering attacks should also be covered.
- Keep your private life private. Oversharing might lead to more trouble later on. One of the reasons why TDO was able to threaten family members of their victims was that they were extremely easy to find. Don’t disclose your family relations online and educate your children on social media safety.
- Use strong passwords and 2FA. Whether it’s your work account or a private social media profile – passwords are the first line of defense. Don’t reuse them, don’t share them in plaintext, don’t write them down on paper. Enforce these rules at work and try to stick to them at home.
- Use security software. Antimalware tools will notify you about possible spyware, and a reliable VPN will hide your connections from snoopers. It will protect you from man-in-the-middle attacks so you can work remotely, guarded by top-notch encryption. Some providers even offer special features (like NordVPN’s CyberSec) that actively block malicious and scammy websites so the threat is stopped before it can reach your device.