Attackers demanded £120,000 from a Dorset business after infecting the company’s computer systems with crypto-ransomware.
According to the Bournemouth Daily Echo, ransomware actors targeted an engineering firm located in Dorset, a county in the south-western part of England. A spokeswoman for the Dorset Police confirmed the attack and provided additional insight into the malefactors’ demands.
It was reported that their computer was hacked and a demand was made for £120,000. The victim was referred to Action Fraud to report.
Such a high ransom demand reflects the likelihood that bad actors infected more than one computer at the business. Under those circumstances, attackers usually demand a large sum of money in exchange for the restoration of all affected IT assets.
This was the case in the March 2018 ransomware attack that struck several computer systems operated by the city of Atlanta including bill payment applications. At the time of the infection, those responsible demanded 0.8 Bitcoins (then worth $6,800) for the restoration of each system. They also gave the city government the option of paying six Bitcoins (a value of $51,000 at the time) to fully recover its resources.
As of this writing, city officials have not paid the ransomware attackers. Instead they’ve spent five million dollars on recovering their systems thus far and could require an additional $9.5 million for the city’s recovery efforts.
The Dorset company, which the Daily Echo said it will not identify, also did not pay the ransom. This decision prevented the business from accessing vital data including personal information about its 100-member workforce.
Matt Horan, security director of C3IA Solutions in Poole, told the Daily Echo that it’s better to not pay ransomware attackers and bear the recovery costs:
You should never pay a ransom because there is no guarantee you will get your data back. During an attack the data doesn’t go anywhere, it is just encrypted and you need a decryption key or algorithm to unlock it and get it back. If you pay a criminal to return your data there is a good chance that he or she will take the money and not decrypt the data – or even ask for more money.
Horan recommended that companies instead focus on backing up their data on a regular basis.
Fortunately, there are ways that organizations can prevent a ransomware infection. These techniques are a good place to start.