undefined | Better HN

0 pointscrazygringo1mo ago0 comments

If an exploit is found in the software, hackers will often be able to attack hundreds of separate institutional installations in an automated way just as easily. And depending on the exploit, potentially more easily if on-prem admins fail to take all recommended security steps.

I'm actually much more interested if there is any financial liability for Instructure here? It's interesting that it's the universities being ransomed, while the technical failure was Instructure's. We're used to uptime SLA's -- what about security breach SLA's?

0 comments

2 comments · 2 top-level

harikb1mo ago

> It's interesting that it's the universities being ransomed, while the technical failure was Instructure's.

My guess would be they get likelihood of getting paid when blackmailing 9,000 schools (at least a few would pay up) than blackmailing Canvas/Instructure.

I don't think any SLA/terms would change who gets to feel the pain.

poopmonster1mo ago

My guess is that they believe by maximizing their attack coverage, the odds are greatest that some of the institutions will pay up. And otherwise, they can still make a bit of money by selling the data.

Don't ransom all your eggs in one basket

j / k navigate · click thread line to collapse