A cautionary tale. All I can say is WOW! Fool me once, shame on you. Fool me twice…

By Danny Palmer – A company that fell victim to a ransomware attack and paid cyber criminals millions for the decryption key to restore their network fell victim to the exact same ransomware gang under two weeks later after failing to examine why the attack was able to happen in the first place.

The cautionary tale is detailed by the UK’s National Cyber Security Centre (NCSC) in a blog post about the rise of ransomware. The unnamed company fell victim to a ransomware attack and paid millions in bitcoin in order to restore the network and retrieve the files.

However, the company just left it at that, failing to analyse how cyber criminals infiltrated the network – something that came back to haunt them when the same ransomware gang infected the network with the same ransomware less than two weeks later. The company ended up paying a ransom a second time.

“We’ve heard of one organisation that paid a ransom (a little under £6.5million with today’s exchange rates) and recovered their files (using the supplied decryptor), without any effort to identify the root cause and secure their network. Less than two weeks later, the same attacker attacked the victim’s network again, using the same mechanism as before, and re-deployed their ransomware. The victim felt they had no other option but to pay the ransom again,” the NCSC blog said. Read On: