06 Jul Ransomware Infects Hosting Company; Decryption Costs A Million Dollars
A South Korean web hosting company called NAYANA has been the victim of what appears to be one of the largest, if not the largest ransomware attacks in the history of the internet.
According to the digital security firm Trend Micro, the ransomware used in the attack is called Erebus, and successfully infected all of the company’s servers, encrypting the website data of every site the company hosted. With no way to get the data back for their extensive user base, the company agreed to pay 397.6 bitcoins ($1.01 million USD) to get the decryption keys.
The initial demand made by the hackers was for 550 bitcoins, so the company was able to negotiate a substantially lower ransom, and they got the hackers to agree to let the company pay in three installments with each payment unlocking one third of the company’s files. So far, two of the three payments have been made, and the third is pending.
While notable for the sheer size of the payment, this latest attack underscores the danger of ransomware in general, and the mayhem it can cause.
It also underscores the need for better education and awareness, because overwhelmingly, ransomware infects a company via some flavor of phishing attack, which sees the hacker emailing company representatives with a note that contains a poisoned link or file.
If the users never click on or download these, then no infection occurs.
This drives home the point that no matter how advanced and robust your digital security system is, it’s only as good and as effective as your employees. If they are apathetic about matters of data security or simply unaware of the dangers clicking on untrusted links and files pose, then no amount of software is going to prevent tragedies like this from happening to your company.
An educated workforce is your best means of prevention, backed up by robust software, of course.