CWT, a US travel management company, paid $4.5 million to hackers who stole confidential corporate files. CWT has a worldwide client and is the fifth-largest US travel corporation. The firm possesses an estimate of $1.5 billion in yearly earnings and claims that it embodies more than a third of businesses on the S&P 500 US stock index.
If there was only any other option
As per the Reuters report, the hackers infiltrated CWT’s mainframe system, stole confidential corporate files, and rendered the company’s system offline as they were demanding a ransom to be met. The criminals used ransomware known as Ragnar Locker that encrypts and modifies computer files to be unusable till the corporate victims settle for access to be returned.
The company validated the attack but declined to discuss the details concerning what it declared was a continuing investigation. The firm said that it tentatively shut down its computer network as a preventive measure after suffering a cyber-security break last July 27.
In their ransomware message left on infected CWT computers, the hackers said to have stolen two terabytes of files, including security documents, financial reports, and employees’ data like salary information and email addresses.
Still, hackers purportedly misrepresented that they infected 30,000 computers. The company stated that no traveller and client data had been jeopardised.
The ongoing ransom negotiations amid a CWT spokesperson and the hackers continued publicly available in an online chat group, thus contributing some insight into the suspicious relationship between cybercriminals and their corporate prey.
The hackers initially demanded USD 10 million to be met to restore the company’s files and erase all the stolen data.
The CWT spokesperson involved in the negotiations announced they were representing on behalf of the company’s chief financial officer.
The spokesperson stated that the firm had been negatively affected by the coronavirus outbreak and agreed to pay $4.5 million in Bitcoin.
Cryptocurrency activities on the Public Ledger designate that an online wallet managed by the hackers acquired the requested payment of 414 Bitcoin on July 28.
Ransomware strikes increased
Ransomware crimes are on the rise and indicate no sign of slowing down. Notwithstanding the heightened awareness given to public headlines versus cybercriminals, ransomware attacks have heightened a severe and constant menace to businesses and private firms. Such attacks are perceived to cost billions of dollars every year, both in recovery costs or extorted payments.
Cybersecurity specialists encourage the general public to keep their data back-ups protected and to prevent settling ransoms as this helps further criminal attacks without a guarantee that the encrypted files would be returned.