[Cryptography] Apple To Buy CryptoWall for $10 Billion

Fri Apr 1 10:41:17 EDT 2016

[Originally submitted to Risks, but bad editing ruined the joke.]

"Apple To Buy CryptoWall for $10 Billion"
"Plans to dominate the burgeoning data protection market"

One Infinite Loop, Cupertino, CA -- April 1, 2016 -- Apple Computer today announced its plan to purchase the data protection business CryptoWall for $10 billion.  The deal is expected to close before the end of 2016 after securing the approval of regulators.

Apple CEO Tim Cook laid out the rationale for the purchase.  "Apple Computer has always insisted upon the privacy and security of its customers.  We were the first to incorporate default full-disk encryption, and CryptoWall is the obvious next step in protecting our customers' data confidentiality."

"CryptoWall's product is in daily use by government agencies, businesses and ordinary citizens; they have the best name recognition and brand image in the data protection business," explained Cook.

"We surveyed the market -- from CryptoLocker to Reveton -- and found that CryptoWall had the strongest encryption, the best user interface, and the largest market share."

The CEO of a major hospital chain added, "CryptoWall is more secure -- and cheaper -- than RSA's products."

"The FBI recently did a thorough analysis of the security of Apple products, and they were very helpful in highlighting some vulnerabilities that we felt obliged to fix as soon as possible.  The CryptoWall suite of products not only had the right synergy with our needs and timing, they also had the blessing of the FBI," said Mr. Cook.

"[CryptoWall's] ransomware is that good," said Joseph Bonavolonta, the Assistant Special Agent in Charge of the FBI's CYBER and Counterintelligence Program in its Boston office.  "To be honest, we often advise people just to pay the ransom."

He was referring to programs like Cryptolocker, Cryptowall, Reveton and other programs that encrypt the contents of a user's hard drive, as well as other directories accessible from their system.  The owner is then asked to pay a fee -- often hundreds of dollars -- for the key to unencrypt the data.

The FBI issued a notice which identified CryptoWall as the most common form of ransomware affecting individuals and businesses in the US.  The Bureau said it had received 992 reviews of CryptoWall between April 2014 and June 2015 suggesting revenues in excess of $18 million.

"The easiest thing may be to just pay the ransom," according to Bonavolonta, who said that efforts by the Bureau and others to defeat the encryption did not bear fruit.  "The amount of money made by these security startups is enormous and that's because the overwhelming majority of institutions just pay the ransom."  And most ransomware vendors are good to their word, Bonavolonta said.  "You do get your access back."

According to noted computer security expert Bruce Schneier, "Most computer security is like a chocolate truffle: hard chocolate on the outside, but soft and gooey caramel on the inside".  "Apple's hookup with CryptoWall will enable a crunchier experience -- more like Toblerone", said Bruce, still celebrating the Tony award recently won by his Broadway musical "TSA".

CEO Cook believes that putting a CryptoWall around the iOS kernel will further protect the keys stored under the front mat of Apple's famed and feared Secure Enclave.  "Knowing that CryptoWall stood up to the unrelenting attacks by FBI's best and brightest, we at Apple can rest easy, knowing that our customers' data will remain private."

When questioned about the sleazy reputation of some enterprises in the data protection business, Cook said, "Dealing with the CryptoWall group was no different than dealing with the Hollywood music and movie industry for iTunes."  "Business is business, and besides, CryptoWall made us an offer we couldn't refuse."

Benjamin Dover was named VP & General Manager of the CryptoWall unit, after moving from Oracle to Apple.  "I expect a seamless transition to CryptoWall, as I became quite familiar with the ransomware business model during my twenty-two years at Oracle."