THE FIRST TWEET that the Dark Overlord sent to a small chiropractor in Poughkeepsie, New York, read: “We’re watching you. Make the right choise [sic].”
By the next day, it was too late for choices. The hacker group had publicly named the practice and claimed to possess all its patient information. The chiropractor, the hackers said, had “rejected our most handsome proposition.”
The pattern is typical of the Dark Overlord: Choose a vulnerable target, steal its data, announce the theft, and demand payment via Bitcoin. If the victim does not pay, the group threatens to release the information or sell it on dark web exchanges, the anonymous underbelly of the internet.
A mythology has come to surround the group, which perpetuates the lore, sometimes by tweeting ominous religious passages. In one extortion letter, it claimed responsibility for “some of the most serious breaches and security violations in the last year.”
The Dark Overlord punches above its weight through strong branding, a focus on terrorizing its victims, and a deliberate press strategy. Although relatively small compared to the $4 billion in global damages wreaked by the WannaCry ransomware attack, its successes show why healthcare organizations of every size must ready their cyber defenses.