Offensive Security

Wempe is a victim of ransomware, pays and frees IT systems!

Wempe is a victim of ransomware, pays and frees IT systems!

Victims of ransomware, i.e. encryption Trojans, are asked to pay a ransom to decrypt their files and then use and edit them again. An incident from Hamburg shows that the criminals’ business model can work. However, the incident is a bad signal to criminals and future victims.

Paying money and continuing to work – a bill that will be paid until the next ransom ware

If a Trojan makes it onto the company’s own systems and a company is not able to restore the system from a backup within a pre-determined time, then there is still a lot left on the “IT Security ToDo”. Paying ransom money only provides a short-term remedy – but encourages others to come up with new business models. For example, in the future we will be dealing with ransomware that will publish the data if the ransom is not paid.

According to information from the “Hamburger Abendblatt” newspaper, Wempe paid a ransom of more than one million euros. The payment was made through Bitcoin, as is customary for ransomware claims. Victims of ransomware must therefore also quickly familiarize themselves with the corresponding technology.

Victims of ransomware – pay or not?

Paying ransom is a double-edged sword. No one should pay a ransom – then the business model would not work and cyber criminals would probably not continue to work on the ever-improving encryption Trojans. But the reality is different. Victims of ransomware are in an absolute emergency situation. From now on, no IT system will work. The payment of the ransom seems to be the last solution. How to behave in such an emergency can be determined beforehand with the IT emergency card at collection points and workstations.

business continued to be handwritten – POS systems were not affected

Nevertheless, the company was lucky in its misfortune. The victim of ransomware was spared the failure of the cash register systems. Invoices, however, could not be written. The writing of handwritten invoices should be a thing of the past for most companies.

A good protection against ransomware should be available on a human and technical level. Awareness campaigns with built-in live hacking demonstrations always help employees* to experience the danger. But also the implementation of penetration tests helps companies of all industries to protect themselves against cyber attacks, prevent ransomware attacks and close security gaps for data theft at an early stage.

Photo of author

Vincent Reckendrees

Hallo, ich bin Vincent Reckendrees und leite das Team Offensive Services bei der AWARE7 GmbH. In meinem Bachelor und Master Studium habe ich mich auf IT-Sicherheit spezialisiert und BSI zertifizierter IS-Penetrationstester. Meine Leidenschaft gilt Reverse Engineering, Hardware- und Web-Sicherheit. Als Experte für Penetrationstests finde ich Schwachstellen in Systemen und Netzwerken und nutze sie, um realistische Cyberangriffe zu simulieren und Sicherheitsmaßnahmen zu verbessern. Durch Reverse Engineering entdecke ich Fehler und Verbesserungsmöglichkeiten in Software und Hardware. Meine Fähigkeiten in Hardware- und Web-Sicherheit ermöglichen es mir, physische Geräte und Online-Plattformen vor einer Vielzahl von Cyberbedrohungen zu schützen und ihre Integrität und Zuverlässigkeit zu gewährleisten.