What happens if you combine Robin Hood, big game hunters, cryptocurrencies and ransomware? A comms conundrum that feels fitting in a year as strange as 2020.

For the unacquainted, Darkside - a cyber group of ‘Big Game Hunters’ – have been making waves on account of their sizeable donation to several charities. The group has shared receipts for $10,000 worth of donations to Children International and The Water Project.


Don’t worry – we’re all confused. The donation has been described as “a puzzling first”, with the group even being labelled as the ‘Robin Hood’ of hackers – and it raises issues which transcend the boundary of cybersecurity. For example, it poses both moral and legal questions about the implications of the charities accepting these donations – economic crisis or not, one charity has already publicly stated it will seek to return the money. That’s not to mention the logistical challenges of returning a donation sent via ‘a mixer’ – a method of automatic money laundering used to obscure the sender.

Even if the charities cannot accept the donations, this is still a rarity. A seemingly positive news story in a sea of negative ones. Yet, the the true motive is unclear. If the group actually wanted to “make the world a better place” (as they claim), wouldn’t they simply find a new profession?

What does it mean for the wider industry?

Let’s begin with some context. Darkside, and other Big Game Hunters, are ransomware attackers which target the networks of large corporate organisations, encrypt the data and demand a large ransom for its safe return. However, what makes Darkside unique is that they only target organisations that can afford the ransom as they “do not want to kill business”.

The group has also claimed that it would not attack schools, hospitals, governments or charities, based on its ‘principles’. This poses questions about the changing nature of the cybersecurity landscape. In 2020, we’ve seen more cyber attacks against hospitals than ever before – leading to concerns over the increasingly real-world threats posed by cybercrime and the rise of ‘cyber-terrorism’.

What does it mean for influencers, media and communications teams?

The plot thickens: after initial media coverage of the donations, Darkside issued a threat – warning that the next donations would be made anonymously, if too many details were shared.

Is it possible that the intentions and motives of cybercriminals are genuinely changing? Are they diverging into those who are legitimate cyber terrorists, versus the ones who just want to make a fast buck? Either way, it’s a reminder that channels of influence are a key tool used by hackers of all types – and the awareness they create carries real-world consequences.

Communicators in the cybersecurity sector should be well versed on those consequences, by now: we have an ongoing responsibility to challenge ourselves on the messages we communicate, the information we share, and how we share it. And in a new era of purpose and accountability, it’s our job to strive for more than just ‘fear as a marketing strategy’.

If you’re struggling to get that balance right, or bring a new sense of creativity to your communications planning, we’d love to help. Connect with me on LinkedIn or drop me a line at: fenella.rickards@hotwireglobal.com