In an unsettling twist of events, a top South Korean web-hosting firm has decided to bite the bullet and pay up to have their computers unlocked for the startling and record-breaking sum of $1 million dollars (USD). This amount appears to break the record for the largest ransom payment to hackers, although its difficult to be sure since many such payments are never made public.
Web-hosting firm Nayana was clearly caught unaware. The chief executive of Nayana even issued a formal apology for the “shock and damage” created by the Erebus ransomware. Since Nayana runs their data on Linux servers, they clearly had not expected to be hit by such an attack. This particular variety of ransomeware was first launched only against devices and computers that run Microsoft Windows, as is the case for most viruses and ransomware. However, recently Erebus was altered so that it could also break into Linux-based systems, which are normally more secure and targeted more rarely. The end result for Nayana was that data on 153 Linux servers and 3,400 customer’s websites was encrypted and held for ransom by these hackers.
At first, the hackers demanded $4.4 million dollars in payment in the form of bitcoin from Nayana. Eventually, they were neogtatied down to just $500,000. It appears that at the last minute, they doubled that amount to $1 million. $1 million dollars ended up being the final amount that Nayana decided to pay to get their data back. Nayana posted an update to the case stating that their engineers were working on fully recovering all the data that had been frozen, but warned their customers that the process would take time.
Computer security experts have frequently cautioned companies that such large payouts only embolden hackers to carry out further attacks. The standard advice given to businesses is that they should not only never pay ransoms, but they should not even enter negotiations with the types of groups who carry out such attacks. Attackers themselves also have reasons to keep such payments quiet, as record numbers like this encourage firms to take their cyber security more seriously.
A top expert, Angela Sasse, the director of the Institute in the Science of Cyber-Security, went on the record with BBC news expressing her surprise at both the ransom amount and at Nayana’s decision to make the payout public knowledge. She also noted that in the last few years hackers have rdecidedly picked up the pace and scale of their attacks. In the past, they tended to go after individual people and smaller companies. But with payouts this large and lucrative, the current trend of attacking big businesses is likely to continue.
Latest posts by Charles James (see all)
- Workaholism vs. Working Long Hours – What Is The Difference And How Does It Affect Your Health? - March 29, 2018
- FTC Investigating Facebook’s Privacy Practices - March 29, 2018
- Why Do You Need This Basic Guide To Cleaning Restrooms? - February 28, 2018