Ransomware attacks continue to wreak havoc on a global scale. CWT, an American travel management firm, found that out the hard way. The company was forced to pay $4.5 million in Bitcoin to get its data back.
CWT Takes a big hit
It is interesting to see how successful ransomware attacks remain in 2020. This type of attack has been causing problems for many years now. Even so, it would appear that most of the companies around the world are still not taking the threat too seriously. This leaves them prone to all types of attacks, often resulting in major financial losses.
American travel management firm CWT fell victim to the Ragnar Locker ransomware strain. This type of malware encrypts computer files and makes them inaccessible until a payment is made. Security researchers often advise not to pay the ransom, but for some companies, time is of the essence.
Interestingly enough, the CWT team decided to open negotiations with the criminals. It is not uncommon to explore such an option. The culprits responsible for ransomware attacks often allow for a direct line of communication with their victims.
Based on this information, it is possible that CWT tried to haggle down the ransom value. Paying $4.5 million in Bitcoin is still a very steep amount. However, for a company noting an annual revenue of $1.5 billion, that is a drop in the bucket. The initial ransom demand was – according to rumors – closer to $10 million in Bitcoin.
According to the hackers responsible for the ransomware infection, 30,000 computers had been infected. Internal research by CWT, however, confirms that this figure is inaccurate. No specifics were provided, but sources mention how “significantly fewer” computers were affected.
There are also some rumors as to whether the criminals stole company data. It is possible up to 2 TB of data has fallen into the hands of the attackers. However, CWT is not confirming this fact as of yet.
None of the information on this website is investment or financial advice and does not necessarily reflect the views of CryptoMode or the author. CryptoMode is not responsible for any financial losses sustained by acting on information provided on this website by its authors or clients. Always conduct your research before making financial commitments, especially with third-party reviews, presales, and other opportunities.