Safety Certification Giant UL Has Been Hit By Ransomware

UL, which you may know better as Underwriters Laboratories, has overcome countless obstacles in its 127-year run as the world’s leading safety testing authority. Now they’re facing down a true 21st century menace: ransomware.

As reported by Bleeping Computer’s Lawrence Abrams, UL detected suspicious activity on its network last weekend. At-risk systems were shut down as soon as possible to prevent the ransomware from spreading further.

That resulted in interruption to certain services offered by UL including the myUL client portal. As of the time of writing the portal display an outage notification and advises users to call or email UL for assistance.

A statement provided by UL notes that the breach was detected on February 13. A “leading cybersecurity firm” has been brought in to assist UL with its investigation of the incident and law enforcement officials have been notified.

UL Doesn’t Intend To Pay Ransom

At this point it appears that UL wants nothing to do with its ransomers. Staff have been told not to respond to the hackers’ attempts to make contact. UL does not plan to pay the ransom and instead will restore any lost data from backups.

That’s what the FBI advises all ransomware victims to do. There are numerous potential pitfalls for those who do pay.

Even if victims do pay the ransom there’s no guarantee that their attackers will follow through with the promise to restore data — these are criminals, after all.

There’s also the possibility that the hackers will do what they say but ransomware’s decryption routine won’t work as hoped. If that happens, a victim’s files will be permanently destroyed.

Why Do Some Victims Pay?

There are a handful of reasons ransomware victims pay to recover their data. One of the most common are not having a secure, current set of data backups. Another is…