Can it Get any Worse? Travel Giant CWT Pays $4.5 Million USD Ransom to Hackers who Stole Corporate Files and Knocked 30,000 Computers Offline
In these unprecedented times, where travel around the globe is primarily halted as nations get to grips with controlling the outbreak of COVID-19, many would think it couldn’t get any worse for travel companies. However, they would be wrong, as according to an article from ITNews, American travel management giant CWT has reportedly paid a whopping 414 bitcoin, equivalent to a value of 4.5 Million USD (approximately 6.3 Million AUD), to hackers who successfully exfiltrated over 2 terabytes of sensitive corporate files.
According to the Article, the successful hackers used a strain of ransomware referred to as “Ragnar Locker” which places computer files into a virtual prison through encryption and renders them unusable until the victim pays for the keys. Then in CWT had to negotiate in a public chat forum to pay for the release. It gives us a rare insight into the dialogue that followed. CWT negotiated the hackers down from their initial demand of 10 Million USD. According to the Report, whilst the hackers claimed to have stolen over 2 terabytes of files including financial reports, security documents and employees’ personal data, it was not clear whether any customer data was compromised.
This reinforces a message explored in one of our previous Blogs in the circumstances of cyber attackers using computer generated applications to attempt to obtain bushfire relief assistance, being that even in the lowest of times, cyber attackers lurk, ready to take advantage of business’ critical weaknesses. Cyber attacks such as these are a consistent threat to businesses and often are most prevalent in times of crisis where business efforts shift away from data security on to “more pressing matters”. Our message is to always stay protected, stay alert and to never take your eyes off data security measures and processes, as the one time you do, they’ll be there waiting to pounce.