Ransomware attacks continue to wreak havoc on a global scale. CWT, an American travel management firm, found that out the hard way. The company was forced to pay $4.5 million in Bitcoin to get its data back.
CWT Takes a big hit
It is interesting to see how successful ransomware attacks remain in 2020. This type of attack has been causing problems for many years now. Even so, it would appear that most of the companies around the world are still not taking the threat too seriously. This leaves them prone to all types of attacks, often resulting in major financial losses.
American travel management firm CWT fell victim to the Ragnar Locker ransomware strain. This type of malware encrypts computer files and makes them inaccessible until a payment is made. Security researchers often advise not to pay the ransom, but for some companies, time is of the essence.
Interestingly enough, the CWT team decided to open negotiations with the criminals. It is not uncommon to explore such an option. The culprits responsible for ransomware attacks often allow for a direct line of communication with their victims.
Based on this information, it is possible that CWT tried to haggle down the ransom value. Paying $4.5 million in Bitcoin is still a very steep amount. However, for a company noting an annual revenue of $1.5 billion, that is a drop in the bucket. The initial ransom demand was – according to rumors – closer to $10 million in Bitcoin.
According to the hackers responsible for the ransomware infection, 30,000 computers had been infected. Internal research by CWT, however, confirms that this figure is inaccurate. No specifics were provided, but sources mention how “significantly fewer” computers were affected.
There are also some rumors as to whether the criminals stole company data. It is possible up to 2 TB of data has fallen into the hands of the attackers. However, CWT is not confirming this fact as of yet.
The post American Firm CWT Pays $4.5m in Bitcoin due to Ransomware appeared first on CryptoMode.