Imagine that ransomware hackers attacked your computer and stole all the files containing sensitive data. Now they demand a million dollars in bitcoin to restore access to your computer and its important files. What would you do in this situation? You have only two options: either you pay the ransom to regain access to your computer and ask the hackers to delete the stolen data from their systems, or you give up the sensitive data and pay the hackers nothing. The choice depends on how important the stolen data is to you. Many companies have paid ransoms to hackers to restore access to their computers. However, some companies did not pay any ransom and, as a result, lost their sensitive data.
According to Cointelegraph, U.S.-based travel company CWT recently paid 414 bitcoin to ransomware hackers to regain access to its own computers and files containing sensitive data. The whole payment was made in two transactions on July 27. The bitcoin was worth around $4.5 million at the time of the transactions. Later, the hackers transferred the whole amount to another bitcoin address. The technology was developed for human welfare, but here it is used for the wrong purpose.
How did attackers hack computers at CWT?
The hackers used Ragnar Locker ransomware to hack 30,000 computers at CWT. CWT was unable to access the files containing sensitive data. The initial ransom demand was $10 million. But a CWT representative told the hackers that the company was unable to pay that much because it had suffered huge financial losses. The company didn't perform well during the pandemic. Finally, the representative convinced the ransomware hackers to accept less than half of the ransom amount.
The negotiation between the CWT representative and the hackers is publicly available. In it, the attackers told CWT to do three things to secure its systems:
- Change passwords every month
- Employ at least three system administrators working 24x7
- Check privileges given to users
I retrieved some of the negotiation from Jack Stubbs' Twitter: