Tag Archive for: paid

San Bernardino County, Calif., Paid $1.1M to Hackers

/in


(TNS) — San Bernardino County acknowledged this week that it has paid a $1.1 million ransom to a hacker who uploaded malware to the Sheriff’s Department’s computer system.

In a ransomware attack, a criminal enters a system and encrypts the data, leaving the owner unable to access it. If a ransom is paid, usually in cryptocurrency, the criminal will provide a decryption key to unlock the data.

For weeks, the county said little publicly about the hack, other than to call it a “network disruption.”


David Wert, a county spokesman, said the county had anticipated such a computer invasion and had taken out insurance. He said that of the $1.1 million payout, the county’s share was $511,852 and that the insurance company paid the rest.

Sheriff Shannon Dicus said Wednesday that the cyber attack did not compromise public safety but workarounds were required for certain tasks. For instance, he said, deputies could not access the California Law Enforcement Telecommunications System, which can tell deputies when a person is wanted for crimes elsewhere in the country. So deputies would request other agencies check the CLETS records.

It was unclear Thursday whether any information was stolen. The department is still going through its systems to learn what has been affected. Those that have been determined to be safe and functioning are being turned back on, said Mara Rodriguez, a sheriff’s spokeswoman.

No other county department computer systems were affected, Wert said.

Chuck Brooks and some other cybersecurity experts say paying a ransom is a bad precedent.

“Generally, businesses should not pay for ransomware as they will likely be hit over and over again as it will be shared and sold by criminal hackers on the dark web,” Brooks said in an email on Thursday, May 4.

Brooks, in a story he wrote that appeared in Forbes magazine, said ransomware has been around since the late 1980s and “it has become a trending and more dangerous cybersecurity threat.”

Wert said there was a discussion about whether to pay but declined to elaborate beyond this statement:

“The decision whether to render payment was the subject of careful consideration,”…

Source…

California county paid $1.1 million ransom to hacker of Sheriff’s Department computers

/in


San Bernardino County acknowledged this week that it has paid a $1.1 million ransom to a hacker who uploaded malware to the Sheriff’s Department’s computer system.

In a ransomware attack, a criminal enters a system and encrypts the data, leaving the owner unable to access it. If a ransom is paid, usually in cryptocurrency, the criminal will provide a decryption key to unlock the data.

For weeks, the county said little publicly about the hack, other than to call it a “network disruption.”

David Wert, a county spokesman, said the county had anticipated such a computer invasion and had taken out insurance. He said that of the $1.1 million payout, the county’s share was $511,852 and that the insurance company paid the rest.

Sheriff Shannon Dicus said Wednesday that the cyberattack did not compromise public safety but workarounds were required for certain tasks. For instance, he said, deputies could not access the California Law Enforcement Telecommunications System, which can tell deputies when a person is wanted for crimes elsewhere in the country. So deputies would request other agencies check the CLETS records.

It was unclear Thursday whether any information was stolen. The department is still going through its systems to learn what has been affected. Those that have been determined to be safe and functioning are being turned back on, said Mara Rodriguez, a sheriff’s spokeswoman.

No other county department computer systems were affected, Wert said.

Chuck Brooks and some other cybersecurity experts say paying a ransom is a bad precedent.

“Generally, businesses should not pay for ransomware as they will likely be hit over and over again as it will be shared and sold by criminal hackers on the dark web,” Brooks said in an email on Thursday, May 4.

Brooks, in a story he wrote that appeared in Forbes magazine, said ransomware has been around since the late 1980s and “it has become a trending and more dangerous cybersecurity threat.”

Wert said there was a discussion about whether to pay but declined to elaborate beyond this statement:

“The decision whether to render payment was the subject of careful consideration,” Wert said. “On balance, and…

Source…

83% of ransomware-hit firms paid ransom at least once

/in


  • An alarming 83% of the individuals who were targeted acknowledged having paid the ransom on at least one occasion.
  • The data reveals a link between cybersecurity debt and occurrences of ransomware incidents.

The debate over whether organizations should pay ransoms in ransomware incidents often centers around the importance of promoting cybersecurity awareness. Last week, news emerged about Australian financial company Latitude Group Holdings, which announced its decision not to succumb to criminals’ ransom demands following a cyberattack the previous month. They asserted that doing so would harm customers and the broader community by encouraging more attacks.

While a few companies may have followed Latitude’s example by refusing to pay ransoms, a striking 83% of those who fell victim admitted to paying the ransom at least once, according to ExtraHop’s 2023 Global Cyber Confidence Index: Cybersecurity Debt Drives Up Costs and Ransomware Risk report.

The study, contrasting IT leaders’ cybersecurity practices with the actual attack landscape, revealed a significant rise in ransomware incidents – from an average of four attacks over five years in 2021 to four attacks within just one year in 2022.

Now, the costs of data breaches continue to increase yearly. Ransomware payments are also not getting any cheaper, especially with most ransoms being paid in cryptocurrency. Businesses will eventually realize that the cost of paying ransom is actually a lot more than implementing and improving their cybersecurity. Backup and data recovery services need to be prioritized as well as increasing the cybersecurity awareness among employees.

As organizations face a growing number of attacks, the data shows they are overwhelmed by cybersecurity debt – unresolved security vulnerabilities such as unpatched software, unmanaged devices, shadow IT, and insecure network protocols that serve as entry points for malicious actors.

Apart from that, most organizations have not moved on from outdated cybersecurity practices and are lacking good cyber hygiene. Both of these may not be the major cause of ransomware but are contributing factors that can enable cybercriminals to easily launch…

Source…

83% of Ransomware Infected Organizations Paid Over $900,000 Each / Digital Information World

/in


The average number of ransomware attacks being experienced by companies grew from four to five in 2022, and that’s just one of the many signs pointing to a worsening state of cybersecurity. Law enforcement agencies usually tell organizations to never pay ransoms because of the fact that this is the sort of thing that could potentially end up making the malicious actors target them repeatedly.

However, ExtraHop’s latest Global Cyber Confidence Index revealed that 83% of organizations that fell pretty to a ransomware attack ended up paying the ransom. The fear of data loss and operational disruption likely led to them biting the bullet, and it is estimated that the companies that paid the ransom had to pay an average of over $925,000 apiece.

With all of that having been said and now out of the way, it is important to note that malicious actors often use the double extortion method when companies pay up. Paying a ransom once makes it more likely that you will pay it again than might have been the case otherwise, so there is a clear correlation between failing to follow post-ransomware instructions and having to go through the ordeal all over again.

77% of experts who are working in the field of IT said that obsolete cybersecurity infrastructure was leading to an increased number of attacks with all things having been considered and taken into account. Spending nearly a million dollars to upgrade this infrastructure might be a far more useful strategy for companies to consider since it can prevent ransomware from making its way onto their systems in the first place.

In spite of the fact that this is the case, most companies tend to have a reactive strategy than a proactive one. Creating backups and keeping cybersecurity tech up to date is both more affordable as well as more efficient, yet most companies are failing to meet this very basic requirement. Until major companies start to take cybersecurity more seriously, the number of these attacks will only grow ever greater. It will be interesting to see if these findings have any sort of impact on how ransomware is dealt with.

Read next: New Investigation Discovers iPhones Being Injected With Spyware Through Exploitation Of…

Source…