Top 10: ransomware payments – infosecurity magazine


Recently, the ethical debate over ransomware payments has intensified, following numerous high-profile incidents. The sad reality for victims is that it costs more to not pay for a ransomware claim due to loss of business, damage to reputation, and the cost of rebuilding a network.

This is mainly the reason why ransom demands have exploded recently. A study by Palo Alto Networks found that the average payout increased 171% in 2020 compared to 2019. It was even reported that the DarkSide ransomware gang had pulled out for $ 90 million in Bitcoin.

Safety Info has compiled a list of the most significant ransomware payments confirmed, or at least widely reported at the time of writing. Notably, most of the incidents took place in the past 18 months. Yet in the murky world of ransomware, many payments go unofficially confirmed, and it is plausible that other payments have taken place that are not public knowledge.


1. CNA Financial (2021) – $ 40 million

One of America’s largest insurance companies, CNA Financial, has reportedly agreed to pay $ 40 million after its computer systems were locked down and data stolen by malicious actors. This is by far the biggest ransomware payout known to date.


2. JBS Foods (2021) – $ 11 million

In June 2021, meat processing company JBS Foods confirmed that it had paid its extortionists $ 11 million, which it said was necessary to “alleviate any unforeseen issues related to the attack and ensure that no data is not exfiltrated “.


3. Blackbaud (2020) – $ 10 million

It was reported last year that US cloud computing company Blackbaud paid attackers $ 10 million after being hit by a combined ransomware and data breach attack. The incident is believed to have led to the compromise of personal information at a number of academic institutions and charities.


4. Garmin (2020) – $ 10 million

Unconfirmed reports circulated last year that the personal fitness giant allegedly paid its extortionists $ 10 million following a cyberattack that forced its website and mobile app to shut down.


5. Global CWT (2020) – $ 4.5 million

US travel management firm CWT Global paid hackers $ 4.5 million after highly sensitive information was stolen and 30,000 computers were taken offline.


6. Brenntag (2021) – $ 4.4 million

The German chemicals distribution company reportedly paid a ransom of $ 4.4 million after the DarkSide ransomware gang encrypted the company’s devices and stole up to 150 GB of data from its North American division.


7. Colonial pipeline (2021) – $ 4.4 million

Notorious attacks on Colonial Pipeline in May 2021 forced America’s largest fuel pipeline offline for five days. A ransom of $ 4.4 million was later paid to the DarkSide gang by the company, but, encouragingly, the majority of the funds were recovered by the US Department of Justice.


8. Travelex (2020) – $ 2.3 million

The exchange firm’s systems were taken offline for almost two weeks in early 2020, and its services were only restored after a massive payment was sent to attackers. The incident reportedly contributed to Travelex’s administration in August 2020.


9. Internet Nayana (2017) – $ 1.14 million

The only incident on the list to have occurred before 2020. In 2017, Korean web hosting company Nayana paid what was, at the time, a record ransom to
hackers after more than half of its servers were destroyed in an attack.


10. Kingdom of California, San Francisco (2020) – $ 1.14 million

Last year, the famous American university confirmed that it paid the Netwalker ransomware gang $ 1.14 million after encrypting critical academic data related to its research into COVID-19.


Source link

Previous Hugh Jackman apologizes for 'breaking the internet' with Wolverine and Kevin Feige photos
Next How to Build a Successful Dropshipping Website Using WordPress

No Comment

Leave a reply

Your email address will not be published. Required fields are marked *