What Happened When An Organisation Refused To Pay The Ransom

Home 5 Blog 5 What Happened When An Organisation Refused To Pay The Ransom

A water company in Arkansas, United States found themselves to be victims of a ransomware attack which encrypted 90,000 files on their server and took only under 2 minutes for it to be completed. Their local managed services provider insisted not to pay the ransom and instead went about to fix the problem themselves.

The cyber attack was believed to have occurred at 4 a.m on a Monday morning, the Water Company employees were alerted to the attack that morning when they discovered most of the files on the server had been renamed and encrypted. Online research on the extension affixed to every affected file led to an email address that could be used to communicate with the hacker and negotiate a ransom to unlock the files.

The managed services provider were adamant not to contact or negotiate with the hackers – main reason being is that these hackers are thieves, there is no guarantee that they will indeed unencrypt all of the encrypted files and make everything as it was before the hack. There is also no assurance that they won’t attempt the same attack again. So instead of making contact with the attackers the managed services provider erased the whole server and re-installed the data from a backup, as they had daily backups setup for the client.

The server was fully restored by Thursday morning and In the meantime employees used handwritten receipts and work orders to carry out day-to-day functions. The biggest impact was that the clerks could not look up a customer’s bill if they came in to pay without it but the positives did outweigh the negatives as there was said have been no customer’s personal data stolen in the attack. Servers for the water and wastewater plants were not connected to the office’s server and were not affected in the attack. Operational controls for those plants were located inside the facilities themselves and cannot be accessed from the business office.

So all in all the managed services provider pulled through and came to the rescue – earning every cent that they are paid a monthly fee for. The ransom that the attackers were looking for was reported to be well into the five-figure (US$x,xxx) mark and the water company was more than pleased to have the managed services provider backup their server as if nothing happened. The few days of downtime was a small price to pay considering the ransom amount which the hackers were demanding. Authorities warn that ransomware attacks are becoming more prevalent and more sophisticated. It also warns victims not to pay a ransom to recover their files.

If your company isn’t equipped to fend off cyber criminals or your company just doesn’t have any backups in place to save you from ransomware attacks, then you should definitely get in touch with us so we can discuss your options. Call us on 1300 768 779, email us at info@intellitek.com.au, fill out the web form, or have a Live Chat with us below.

← Cloud Computing Begins With Hybrid Cloud Services Need managed IT services in the Gold Coast area? →

Book A Consult

We can accommodate a solution for your needs, to discuss your options please contact us today.

Ph: 1300 768 779

Book A Consult

Need help? Contact our fast 24/7 dedicated support

IT Services

Cloud

Security

Development

Company