Victims of ransomware, i.e. encryption Trojans, are asked to pay a ransom to decrypt their files and then use and edit them again. An incident from Hamburg shows that the criminals’ business model can work. However, the incident is a bad signal to criminals and future victims.
Paying money and continuing to work – a bill that will be paid until the next ransom ware
If a Trojan makes it onto the company’s own systems and a company is not able to restore the system from a backup within a pre-determined time, then there is still a lot left on the “IT Security ToDo”. Paying ransom money only provides a short-term remedy – but encourages others to come up with new business models. For example, in the future we will be dealing with ransomware that will publish the data if the ransom is not paid.
According to information from the “Hamburger Abendblatt” newspaper, Wempe paid a ransom of more than one million euros. The payment was made through Bitcoin, as is customary for ransomware claims. Victims of ransomware must therefore also quickly familiarize themselves with the corresponding technology.
Victims of ransomware – pay or not?
Paying ransom is a double-edged sword. No one should pay a ransom – then the business model would not work and cyber criminals would probably not continue to work on the ever-improving encryption Trojans. But the reality is different. Victims of ransomware are in an absolute emergency situation. From now on, no IT system will work. The payment of the ransom seems to be the last solution. How to behave in such an emergency can be determined beforehand with the IT emergency card at collection points and workstations.
business continued to be handwritten – POS systems were not affected
Nevertheless, the company was lucky in its misfortune. The victim of ransomware was spared the failure of the cash register systems. Invoices, however, could not be written. The writing of handwritten invoices should be a thing of the past for most companies.
A good protection against ransomware should be available on a human and technical level. Awareness campaigns with built-in live hacking demonstrations always help employees* to experience the danger. But also the implementation of penetration tests helps companies of all industries to protect themselves against cyber attacks, prevent ransomware attacks and close security gaps for data theft at an early stage.