Well, bless your heart, the band Radiohead said after it was hacked and asked to pay a ransom for 18 hours of unheard music – a request that it eschewed, instead releasing the music on Bandcamp in order to aid Extinction Rebellion.
The extortionist demanded $150,000 after stealing 18 hours of music last week, according to a tweet from Radiohead guitarist Jonny Greenwood on Tuesday. It was stolen from Radiohead frontman Thom Yorke’s archive from around the time of the release of the 1997 album OK Computer.
Jonny Greenwood (@JnnyG) June 11, 2019
Act fast: this offer won’t last. Greenwood said it’s good only for the next 18 days.
So for £18 you can find out if we should have paid that ransom.
Though the music wasn’t intended for public consumption and is only “tangentially interesting,” Greenwood said, some clips did reach the cassette in the OK Computer reissue. Not only is it not particularly interesting, it’s also “very, very long,” he said – “not a phone download.”
One last blasé shrug from Greenwood:
Rainy out, isn’t it though?
What to do if you’re not Radiohead
While Radiohead may have had good reason to believe their extortionist was genuine, most threats are bogus.
Some emails threaten to wreck your website’s reputation by sending millions of emails from your domain, leave boatloads of derogatory reviews about your site, and understandably alarm business owners.
Whether it’s your business or personal reputation under fire, if there’s no proof (and no, just revealing your password doesn’t count) accompanying the email, it’s a fake. Ignore it. A real extortionist will try again, next time with something tangible to get you to pay up.
While it’s a treat to see a hacker get slapped like a mosquito, many victims of genuine digital extortion don’t feel they have the luxury of that type of go-jump-off-a-cliff response.
Those can be frightening prospects, but you have to bear in mind that going along with the crook’s demands is no guarantee that they’ll actually, say, delete the material they’re dangling over your head, or release systems seized in a ransomware attack. There’s no guarantee that if you do pay a ransom, the crooks won’t come back for more.