American travel firm CWT (formerly known as Carlson Wagonlit Travel), have been held to ransom by anonymous ransomware hackers forcing them to pay around $4.5 million Bitcoin ransom.
The $4.5 million Bitcoin ransom was paid to the hackers after they launched a ransomware attack that led to the theft of piles of company documents and left thousands of the travel firm devices offline.
Ragnar, a technology used to encrypt files, was used by these hackers to lock files of the travel firm, leaving them inaccessible Reuters reported.
CWT forced to pay Bitcoin ransom
CWT had to pay the $4.5 million Bitcoin ransom on Friday to get their files decrypted and accessible. The encrypted files contained around two terabytes of information, including employee data, financial documents, and other information.
“We can confirm that after temporarily shutting down our systems as a precautionary measure, our systems are back online, and the incident has now ceased,” the company said in a statement. CWT stated that it is working with U.S. and European authorities.
“While the investigation is at an early stage, we have no indication that personally identifiable information/customer and traveler information has been compromised.”
$4.5 million Bitcoin ransom negotiated down from $10 million
Previously, the hackers demanded ransom worth $10 million in Bitcoin. However, it was talked down to $4.5million, giving COVID strained finance as an excuse for not affording the initial $10 million.
Reportedly, Ransomware attack has been an issue for international businesses, incurring billions in costs annually. Likewise, since Bitcoin had been existent in 2008, crypto has been center stage to cyber extortion of this nature.
Between 2013 and 2017, over $259 million has been captured in ransom payment, according to The Journal of Cybersecurity. Western security officials also have said that ransomware attacks are a severe and consistent threat to businesses and private companies, despite the increased attention usually given to the headline-grabbing antics of state-backed hackers.