September 7, 2024

The staggering sum of US $75 million has reportedly been paid to a ransomware gang in what’s believed to be the largest known ransom payment made by a cyber attack victim since records began.

Researchers at Zscaler claim in a new report that the record-breaking figure was paid by an undisclosed Fortune 50 company to the Dark Angels ransomware group.

The reported payment nearly doubles the previous record – $40 million paid by insurance giant CNA Financial in 2021 after being locked out of its network by attackers using the Phoenix Locker ransomware.

Dark Angels, which emerged in May 2022, has targeted a variety of industries including healthcare, finance, government, and education. Most recently it has been seen launching attacks against large industrial, technological and telecoms companies.

Through its Dunghill data leak site on the dark web, Dark Angels claims to be “an international team of technical specialists conducting research in the field of information security” that’s “not interested in politics, and that’s why we don’t cooperate with governments and law enforcement agencies.”

The truth is, of course, that Dark Angels’ way of making money is through extortion – threatening companies that their data will be leaked to the world if a ransom isn’t paid.

Dark Angels, having compromised a company’s security, decide whether to encrypt a business’s files and then, as a rule, spend days or even weeks exfiltrating vast amounts of data.

In the cases of larger businesses that have been infiltrated by the group, as much as 100 TB of data may be stolen, according to Zscaler’s researchers.

In a high-profile incident reported by Bleeping Computer in September 2023, Dark Angels hit a multinational conglomerate, forcing it to shut down its IT systems, having encrypted the firm’s VMware ESXi virtual machines and claimed to have stolen over 27 TB of corporate data.

Dark Angels reportedly demanded a US $51 million ransom from Johnson Controls in exchange for a decryption tool and to delete the files it had stolen. The company later reported in an SEC filing that the expense of investigating and remediating the attack, as well as losses caused by business disruption, had cost it over US $27 million.

Faced with the headline of a company paying a record-breaking US $75 million ransom payment, many businesses might be wondering how they’d respond when presented with a demand from cybercriminals.

Admittedly, it’s probably a great deal easier for a business to decide whether it should cough up tens of millions of dollars to a ransomware gang than ten thousand dollars – but the questions you need to ask yourself remain the same.

We all know that the more businesses agree to pay a ransom, the more likely it is that cybercriminals will launch similar attacks against others in the future – as well as, perhaps, your company again.

At the same time, your company may feel it has no choice but to make the hard decision to pay. After all, the alternative may put the entire business at risk – and put the livelihoods of your employees, partners, and perhaps even clients at risk.

Whatever your decision, I’d say that it’s important to inform law enforcement agencies of the incident and work with them to help them investigate who might be behind the attacks.

Most importantly, remember that paying a ransom doesn’t ensure that the security problem that allowed the attackers into your network in the first place no longer exists. If you don’t find out what went wrong – and why – and fix it, then you could easily fall victim to further ransomware attacks in the future.


Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor and don’t necessarily reflect those of Tripwire.