The staggering sum of US $75 million has reportedly been paid to a ransomware gang in what’s believed to be the biggest recognized ransom cost made by a cyber assault sufferer since information started.
Researchers at Zscaler declare in a brand new report that the record-breaking determine was paid by an undisclosed Fortune 50 firm to the Darkish Angels ransomware group.
The reported cost virtually doubles the earlier file – $40 million paid by insurance coverage big CNA Monetary in 2021 after being locked out of its community by attackers utilizing the Phoenix Locker ransomware.
Darkish Angels, which emerged in Might 2022, has focused a variety of industries together with healthcare, finance, authorities, and schooling. Most not too long ago it has been seen launching assaults in opposition to giant industrial, technological and telecoms corporations.
Via its Dunghill knowledge leak web site on the darkish net, Darkish Angels claims to be “a world group of technical specialists conducting analysis within the area of knowledge safety” that’s “not excited about politics, and that’s the reason we don’t cooperate with governments and regulation enforcement companies.”
The reality is, after all, that Darkish Angels’ manner of creating wealth is thru extortion – threatening corporations that their knowledge will probably be leaked to the world if a ransom is just not paid.
Darkish Angels, having compromised an organization’s safety, resolve whether or not to encrypt a enterprise’s information after which, as a rule, spend days and even weeks exfiltrating huge quantities of knowledge.
Within the instances of bigger companies which were infiltrated by the group, as much as 100 TB of knowledge could also be stolen in accordance with Zscaler’s researchers.
In a high-profile incident reported by Bleeping Laptop in September 2023, Darkish Angels hit a multinational conglomerate, forcing it to close down its IT techniques, having encrypted the agency’s VMware ESXi digital machines and claimed to have stolen over 27 TB of company knowledge.
Darkish Angels reportedly demanded a US $51 million ransom from Johnson Controls in alternate for a decryption instrument and to delete the information it had stolen. The corporate later reported in an SEC submitting that the expense of investigating and remediating the assault, in addition to losses attributable to enterprise disruption, had value it over US $27 million.
Confronted with the headline of an organization paying a record-breaking US $75 million ransom cost, many companies could be questioning how they might reply when introduced with a requirement from cybercriminals.
Admittedly, it is most likely an excellent deal simpler for a enterprise to resolve whether or not it ought to cough up tens of hundreds of thousands of {dollars} to a ransomware gang than ten thousand {dollars} – however the questions you might want to ask your self stay the identical.
Everyone knows that the extra companies conform to pay a ransom, the extra doubtless it’s that cybercriminals will launch related assaults in opposition to others sooner or later – in addition to, maybe, your organization once more.
On the identical time, your organization could really feel it has no selection however to make the exhausting choice to pay. In any case, the choice could put the whole enterprise in danger – and put the livelihoods of your employees, companions, and maybe even shoppers in danger.
No matter your choice, I might say that it’s important to tell regulation enforcement companies of the incident and work with them to assist them examine who is likely to be behind the assaults.
Most significantly, do not forget that paying a ransom doesn’t be certain that the safety drawback that allowed the attackers into your community within the first place now not exists. In case you don’t discover out what went incorrect – and why – and repair it, then you could possibly simply fall sufferer to additional ransomware assaults sooner or later.
Editor’s Be aware: The opinions expressed on this and different visitor writer articles are solely these of the contributor and don’t essentially mirror these of Tripwire.