{"id":44499,"date":"2021-02-08T01:13:00","date_gmt":"2021-02-08T06:13:00","guid":{"rendered":"http:\/\/blog.cybercon1.com\/?p=44499"},"modified":"2021-02-08T01:13:00","modified_gmt":"2021-02-08T06:13:00","slug":"ransomware-a-company-paid-millions-to-get-their-data-back-but-forgot-to-do-one-thing","status":"publish","type":"post","link":"https:\/\/blog.cyberconservices.com\/index.php\/2021\/02\/08\/ransomware-a-company-paid-millions-to-get-their-data-back-but-forgot-to-do-one-thing\/","title":{"rendered":"Ransomware: A company paid millions to get their data back, but forgot to do one thing"},"content":{"rendered":"\n<p>A cautionary tale.  All I can say is WOW!  Fool me once, shame on you.  Fool me twice&#8230;<\/p>\n\n\n\n<p>By\u00a0<a href=\"https:\/\/www.zdnet.com\/meet-the-team\/uk\/dannypalmerzdnet\/\">Danny Palmer<\/a> &#8211; A company that fell victim to a <strong>ransomware<\/strong> attack and paid cyber criminals millions for the decryption key to restore their network fell victim to the exact same <strong>ransomware <\/strong>gang under two weeks later after failing to examine why the attack was able to happen in the first place.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/media.istockphoto.com\/photos\/regrets-wrong-doing-man-having-a-duh-moment-picture-id491921724?b=1&amp;k=6&amp;m=491921724&amp;s=170667a&amp;w=0&amp;h=I5De0p4UMAgafYRYkvpL505Sdi--5RfLEwFRpadL5FI=\" alt=\"\" width=\"698\" height=\"478\"\/><\/figure><\/div>\n\n\n\n<p>The cautionary tale is detailed by the UK&#8217;s National Cyber Security Centre (NCSC)\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/www.ncsc.gov.uk\/blog-post\/rise-of-ransomware\" target=\"_blank\">in a blog post about the rise of <strong>ransomware<\/strong><\/a>.  The unnamed company fell victim to a <strong>ransomware<\/strong> attack and\u00a0<a href=\"https:\/\/www.zdnet.com\/article\/how-bitcoin-helped-fuel-an-explosion-in-ransomware-attacks\/\">paid millions in bitcoin<\/a>\u00a0in order to restore the network and retrieve the files.<\/p>\n\n\n\n<p>However, the company just left it at that, failing to analyse how cyber criminals infiltrated the network \u2013 something that came back to haunt them when the same <strong>ransomware<\/strong> gang infected the network with the same <strong>ransomware<\/strong> less than two weeks later. The company ended up paying a ransom a second time.<\/p>\n\n\n\n<p>&#8220;We&#8217;ve heard of one organisation that paid a ransom (a little under \u00a36.5million with today&#8217;s exchange rates) and recovered their files (using the supplied decryptor), without any effort to identify the root cause and secure their network. Less than two weeks later, the same attacker attacked the victim&#8217;s network again, using the same mechanism as before, and re-deployed their <strong>ransomware<\/strong>. The victim felt they had no other option but to pay the ransom again,&#8221; the NCSC blog said.  <a href=\"https:\/\/www.google.com\/url?rct=j&amp;sa=t&amp;url=https:\/\/www.zdnet.com\/article\/ransomware-this-is-the-first-thing-you-should-think-about-if-you-fall-victim-to-an-attack\/&amp;ct=ga&amp;cd=CAEYACoTNDI1ODM4MjU4OTAyNjE3MDA4NDIaZjk1ZDdkNTc3NTkyZGUyMTpjb206ZW46VVM&amp;usg=AFQjCNF_0JX4NwfZ88cbWR5vP36D2QT2Eg\">Read On:<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A cautionary tale. All I can say is WOW! Fool me once, shame on you. Fool me twice&#8230; By\u00a0Danny Palmer &#8211; A company that fell victim to a ransomware attack and paid cyber criminals millions for the decryption key to <span class=\"excerpt-dots\">&hellip;<\/span> <a class=\"more-link\" href=\"https:\/\/blog.cyberconservices.com\/index.php\/2021\/02\/08\/ransomware-a-company-paid-millions-to-get-their-data-back-but-forgot-to-do-one-thing\/\"><span class=\"more-msg\">Continue reading &rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[636],"tags":[637],"class_list":["post-44499","post","type-post","status-publish","format-standard","hentry","category-ransomware","tag-ransomware"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/posts\/44499","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/comments?post=44499"}],"version-history":[{"count":0,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/posts\/44499\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/media?parent=44499"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/categories?post=44499"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/tags?post=44499"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}