Four-star hotel and ski-resort in Australia paid a reported $1,600 ransom to regain control of its computer system during a fully booked weekend. The systems were kicked offline which temporarily interfered with room keys and guest check in among other things. This ransom marks the third attack on the hotel system, but the first time full control was taken. This may be why the hotel opted to pay the bitcoin rather than mess with the situation any further. Rather than risk losing revenue and fully restricting guests from checking in or out of their rooms the hotel worked with the hackers. Cheaper and faster said the hotel representative.
“Neither police nor insurance help you in this case,” Brandstaetter lamented to The Local. “The restoration of our system after the first attack in summer has cost us several thousand euros. We did not get any money from the insurance so far because none of those to blame could be found.” – PCmag
This is not the first time that a company has had to make the difficult decision whether or not to pay the bitcoin and risk losing that money as well as their data, or not paying the bitcoin, and risk total lockout of the system. IBM Security ran a study that found 70 percent of businesses attacked and infected with ransomware have paid the dollar to regain access to their systems and or data.
If you would like to educate yourself in more detail about the information presented in this blog post please visit: www.pcmag.com
Cerber ransomware earned close to $200,000 in July alone, despite a payment rate of 0.3 percent (not even 1 percent!), due to its affiliate distribution model, according to Check Point Software technologies Ltd.and IntSights Cyber Intelligence.
If this rate were to continue, without increasing, that would mean a $2.3 million payout over the course of the year, said Maya Horowitz, group manager of threat intelligence at Check Point.
An affiliate model means that non-technical customers can run their own campaigns using the platform and still walk away with 60 percent of the profit. Customers receive access to management rools, Cerber’s Bitcoin laundering system, and of course, the Cerber ransomware. Horowitz reports that each day an average of eight new cerber ransomware campaigns are launched, adding to the over 150 affiliates.
Another “brand name” ransomware commonly seen today is Locky. Locky differs greatly from Cerber in that Locky is run by one solo team of threat artists, with all proceeds directly going to this team as they do not share their malware with any other parties. Cerber is acting as a business model, taking ransomware to a new level and allowing anyone to join in on the cyber crime cash cow. Not only does Cerber allow user to gain a 60 percent cut, but they also offer a 5 percent referral bonus for member that recruit. This is most certainly the future of malware, with more services to follow this model.
This is one of the first times that security researchers have been able to follow the trail. By extracting the unique Bitcoin wallet identifiers assigned to each victim, Check Point was able to follow the money trail to the central wallet, then to a network of other wallets that are apart of the Bitcoin mixing service, and then to the final destinations. Hundreds of thousands of wallets were followed, which allowed Check Point to actually see the payment rate of people who paid the Bitcoin ransom.
Surprising to most, the number was a very small 0.3 percent. In comparison to other ransomware reports, this percent is much lower. However, this number has been able to foster a hefty income.
To view the origin of this post, and to educate yourself in more detail, please visit : www.csoonline.com
The Kansas Heart Hospital in Wichita, recently found themselves at the mercy of a ransomware nightmare. Seeing as the demands were not unattainable or extremely high, the hospital decided to simply pay the Bitcoin, thinking that would be the end. Not quite. After the hospital paid the Bitcoin, the hackers decided that the hospital was a willing target for even more money! The hackers received payment and decided to hold back some of the data they had encrypted and proceeded to demand more money from the Kansas Hospital.
To my surprise, the Kansas Heart Hospital didn’t end up giving any more funds to the hackers. We aren’t sure if they decided the data was not of importance, or if the hospital employed some tech support from a trusted source. Whichever the case, I appreciate the hospital standing firm in their decision to not pay anymore Bitcoin. As many have been urged to not pay absurd ransomware demands, it can be terrifying when the circumstance comes about. Helpless, I’m sure is how many ransomware victims feel.
Nevertheless, it is important to be aware of malware and ransomware threats. Nearly half the hospitals in the United States have been attacked by some variable of malware/ransomware. An official at the Kansas Heart Hospital even told reporters that they “were aware of the ransomware threat and had a plan in place to deal with it”. Better make sure you have a plan B too.
If you would like to educate yourself in more detail about the information presented in this blog post please visit: Hospital pays ransom, ransomware demands more money