About us

Certifications

Memberships

Commitment

Industries

PRESS

Career

Contact us

Ransomware

Wempe is a victim of ransomware, pays and frees IT systems!

Wempe is a victim of ransomware, pays and frees IT systems!

Victims of ransomware, i.e. encryption Trojans, are asked to pay a ransom to decrypt their files and then use and edit them again. An incident from Hamburg shows that the criminals’ business model can work. However, the incident is a bad signal to criminals and future victims.

Paying money and continuing to work – a bill that will be paid until the next ransom ware

If a Trojan makes it onto the company’s own systems and a company is not able to restore the system from a backup within a pre-determined time, then there is still a lot left on the “IT Security ToDo”. Paying ransom money only provides a short-term remedy – but encourages others to come up with new business models. For example, in the future we will be dealing with ransomware that will publish the data if the ransom is not paid.

According to information from the “Hamburger Abendblatt” newspaper, Wempe paid a ransom of more than one million euros. The payment was made through Bitcoin, as is customary for ransomware claims. Victims of ransomware must therefore also quickly familiarize themselves with the corresponding technology.

Victims of ransomware – pay or not?

Paying ransom is a double-edged sword. No one should pay a ransom – then the business model would not work and cyber criminals would probably not continue to work on the ever-improving encryption Trojans. But the reality is different. Victims of ransomware are in an absolute emergency situation. From now on, no IT system will work. The payment of the ransom seems to be the last solution. How to behave in such an emergency can be determined beforehand with the IT emergency card at collection points and workstations.

business continued to be handwritten – POS systems were not affected

Nevertheless, the company was lucky in its misfortune. The victim of ransomware was spared the failure of the cash register systems. Invoices, however, could not be written. The writing of handwritten invoices should be a thing of the past for most companies.

A good protection against ransomware should be available on a human and technical level. Awareness campaigns with built-in live hacking demonstrations always help employees* to experience the danger. But also the implementation of penetration tests helps companies of all industries to protect themselves against cyber attacks, prevent ransomware attacks and close security gaps for data theft at an early stage.

Photo of author

Chris Wojzechowski

Mein Name ist Chris Wojzechowski und ich habe vor wenigen Jahren meinen Master in Internet-Sicherheit in Gelsenkirchen studiert. Ich bin geschäftsführender Gesellschafter der AWARE7 GmbH und ausgebildeter IT-Risk Manager, IT-Grundschutz Praktiker (TÜV) und besitze die Prüfverfahrenskompetenz für § 8a BSIG. Unser Brot und Buttergeschäft ist die Durchführung von Penetrationstests. Wir setzen uns darüber hinaus für ein breites Verständnis für IT-Sicherheit in Europa ein und bieten aus diesem Grund den Großteil unserer Produkte kostenfrei an.

AWARE7 GmbH

Munscheidstr. 14
45886 Gelsenkirchen

Tel. +49 (0) 209 - 8830 6760
Fax. +49 (0) 209 - 8830 6769
Mail info@aware7.de

Opening hours
Monday - Friday
8:00 - 17:00

COMPANY

About us

Certifications

Memberships

Commitment

Code of Conduct

Career

Contact us

AWARENESS

Live Hacking Show

Managed Phishing Simulation

RESOURCES

IT-Security Blog

Media package

Success Stories

OFFENSIVE SERVICES

Penetration test

Vulnerability scan

IT security emergency

360° SME analysis

CONTACT

Contact form

Call for proposal (CfP)

CONSULTING

ISMS consulting

External information security officer

Imprint Privacy policy
Directions

All prices incl. VAT.