"This Company Paid a Ransom Demand. Hackers Leaked Its Data Anyway"

A ransomware victim paid to regain access to their network, but the cybercriminals did not keep their end of the bargain. According to cybersecurity researchers at Barracuda Networks, the real-life incident occurred in August 2021, when hackers from the BlackMatter ransomware group used a phishing email to compromise the account of a single victim at an unnamed company. Theft of sensitive information has become a common feature of ransomware attacks. Criminals use it in extortion attempts, threatening to release it if a ransom is not paid. The attackers appear to have had access to the network for at least a few weeks, apparently going undetected before systems were encrypted and a Bitcoin ransom was demanded. Despite the fact that networks are encrypted, experts advise victims not to pay ransom demands for a decryption key because doing so only shows hackers that such attacks are effective. The unidentified organization chose to pay the ransom after negotiating a payment of half the original demand. Although the company agreed to the extortion demands, the BlackMatter group leaked the data a few weeks later, demonstrating why organizations should never trust cybercriminals. Barracuda cybersecurity responders assisted the victim in isolating the infected systems, bringing them back online, and restoring them from backups. Following a network audit, multi-factor authentication (MFA) was applied to accounts, implying that a lack of MFA was what allowed the attackers to gain and maintain access to accounts in the first place. A few months after the incident, BlackMatter announced its closure, recommending that those using the Ransomware-as-a-Service (RaaS) scheme switch to LockBit. This article continues to discuss the ransomware incident detailed by cybersecurity researchers at Barracuda Networks and the increase in ransomware attacks against critical infrastructure.

ZDNet reports "This Company Paid a Ransom Demand. Hackers Leaked Its Data Anyway"