The hacker ring’s ransom note appeared on the company’s computer screens this past Monday. “Your computers and servers are encrypted, backups are deleted,” it said. “We use strong encryption algorithms, so you cannot decrypt your data.”
But, the extortionists said, “you can restore everything by purchasing a special program from us - universal decryptor.” This program, the message said, “will restore all your network.”
The price: $1.2 million.
They also had stolen 1 terabyte - the equivalent of 6.5 million document pages - of the company’s sensitive data. If the firm did not pay to decrypt it, the data would be “automatically published” online, the hackers said, according to the note, which was shared with The Washington Post by the firm that helped the victim deal with the attack.
On Wednesday, the company paid $850,000, according to Austin Berglas, the former head of the cyber branch in the FBI’s New York field office who is now global head of professional services for the cyber security firm BlueVoyant.
“In this case,” he said, “they had no option.” If they didn’t pay, he said, “they would go out of business.”
The firm’s dilemma is faced by thousands of companies, schools, governments, and other entities around the world every year. Most incidents go unreported. Anecdotally, according to companies that help victims hit by ransomware attacks, more than half pay some form of ransom - estimated last year to average about $312,000, according to Palo Alto Networks, another cybersecurity company that deals regularly with ransomware attacks. Some experts suspect that amount is low.
The attack that led Colonial Pipeline to shut do ..
Support the originator by clicking the read the rest link below.
