Jump to content

South Korean firm's 'record' ransom payment


DFighter

Recommended Posts

_96034173_cryptor3.png

South Korean web-hosting firm Nayana has agreed to pay a $1m ransom to unlock computers frozen by hackers.

It is believed to be a record amount, although it is worth noting that many ransom payments are never made public.

Nayana's chief executive revealed that the hackers initially asked for $4.4m, payable in bitcoin.

Security experts warned that firms should not pay such ransoms or enter into negotiations with hackers.

Angela Sasse, director of the Institute in the Science of Cyber-Security, said that she was surprised both by the size of the ransom and that the firm went public about paying.

"This is a record ransom from what I know, although some will have paid and not gone public.

"It could be that it had to disclose the amount under the South Korean regulatory structure or it could have been done out of a sense of public duty," she said.

"From the attackers' point of view, they might have preferred that the firm kept quiet. It is such a large ransom that it might spur a lot of companies to look more carefully at their security."

Bankrupt

The ransomware - known as Erebus - targeted computers running Microsoft Windows and was also modified so a variant would work against Linux-based systems.

It appears that Nayana entered into negotiations with the hackers, lowering the fee from $4.4m to less than $500,000 although at the last minute, the hackers doubled the negotiated amount to $1m.

They are believed to have encrypted data on 153 Linux servers and 3,400 customer websites.

an update posted on Saturday said that engineers were in the process of recovering data but added that it would take time.

Nayana's chief executive apologised for the "shock and damage" of the incident.

In an earlier statement, he said that the attack had hit his bank balance.

"Now I am bankrupt. Everything I've been working on for 20 years is expected to disappear at 12:00 tomorrow."

Ms Sasse said that ransomware attackers had grown much bolder in recent years.

"Two years ago, they tended to target individuals or smaller businesses believing that they would have less good security measures but they have found that they can get bigger targets and the pay-off is much larger. It is a lucrative business."

Source: http://www.bbc.com/news/technology-40340820

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.