The FBI/Symantec attempt to sting a hacker who had source code raises some interesting questions: Why would a company pay ransom to get back electronic information? It’s so easy to copy the data that there’s no way the bad guys haven’t done it. So paying a ransom pretty much just guarantees you’ll get shaken down again.

So how dumb would you have to be to do this? And how dumb would you have to be to think your victim would do this? The email exchanges between the FBI agent posing as Symantec employee Sam Thomas and the hacker who goes by the name of YamaTough offer some interesting insight into all this. (As well as letting us see a real negotiation between the cops and the bad guys.)

First the FBI asks YamaTough to send some sample files, but “Because our email system strips large attachments, send sample files to this address …” The Gmail address won’t take those files either – which I’m figuring the FBI knew – so they ask for the weekend to figure out a way to get the files. “Give us through the weekend to figure out how to get these from you. We don't want these docs posted on a public site.”

The agency then says it is trying to set up a secure FTP site, which YamaTough has trouble believing: “If you are trying to trace with the ftp trick it's just worthless.” The two sides go around on this issue for a while. The FBI is clearly playing for time, but being on hold is as irritating for a hacker as it is for anyone else, so YamaTough eventually writes:

	If we dont hear from you in 30m we make an official announcement and put your code on sale at auction terms. We have many people who are willing to get your code

Eventually YamaTough asks for $50,000, and the FBI gives them a classic bit of corporate runaround:

	We are really trying to work with you but we can't meet all the deadlines that you keep throwing at us. We need approvals by a lot of people who all have different opinions. This is the first time we've heard of Liberty Reserve and we are hesitant to just wire money straight to an offshore account.

	Finance is asking us what offshore account it is and also how we could make a payment through liberty reserve. Send us that info to give to them. If they shoot these options down, do you have any other ways to accept your payment?

They then propose using PayPal (maybe this was a test to see how stupid the hackers really are):

	We've been looking into Liberty Reserve. Looks like we have to use an exchanger to get money into our Liberty Reserve account. This is more complicated than we expected. Our plan was to get you $1,000 by the end of the week as a test and a sign of good faith but we don't know if we can make this work that quickly through Liberty Reserve. We've used paypal numerous times and we know how it works. We can definitely send you $1,000 by the end of the week through paypal

The FBI – like everyone else in the corporate world – goes to great lengths to blame the delays on Finance. The hackers clearly have some experience with corporate life because they believe the excuses:

	No offence, nobody's trying to give you a hard time.

	We have a clear understanding on how things work inside corp environment.

	Do not send us any money (we do not use paypal period) do not send us any 1k etc.

	We can wait till we agree on final amount.

	Please confirm that you received this message so we are not anxious.

It's a strangely solicitous message to get from a blackmailer, but even they have their limits. Finally they sent out this:

	SO - you told us a week ago that you've being requesting a response from Fin dprtmnt. We got no answer for the below question so far:

	?How much do you consider ENOUGH to pay us in order to work all the issues out?

	Name the price,

	Clock's tikin

By this point the hackers clearly think the FBI is involved (“Say hi to FBI agents”) but not that the FBI is running the entire operation. The agents deny this, naturally, and then try to extend the discussion further by offering another plan:

	We can't pay you $50,000 at once for the reasons we discussed previously. We can pay you $2,500 per month for the first three months. In exchange, you will make a public statement on behalf of your group that you lied about the hack (as you previously stated). Once that's done, we will pay the rest of the $50,000 to your account and you can take it all out at once. That should solve your problem.

My favorite moment in the whole exchange is when the hackers try to explain that they are people of honor.

	We have a rule - and we always follow it: If you are the owner - you have the right to be the first one asked. That is why we kept silent at the time of negotiating with you. We stick to the word given and nothing is going to happen to the code if we complete the deal. Were we not that way we would have already sold your code to that willing many.

Did they get this from the movies?

There are at least two lessons to be learned from this:

	Hackers aren't always as smart as you or they think they are.

	You're even stupider than they are if you think you can buy them off.