A ransomware group has allegedly been paid a staggering $75 million, the largest known ransom payment ever made by the victim of a cyber attack.
According to a newly released report from Zscaler researchers, the payment was made by an unnamed Fortune 50 company to the notorious Dark Angels ransomware gang.
The reported cost has almost doubled since the initial report, following a 2021 incident in which hackers used the Phoenix Locker ransomware.
Dark Angels, launched in May 2022, has targeted multiple sectors, including healthcare, finance, government, and education. Recently, the group has been observed conducting attacks against major industrial, technology, and telecommunications companies.
On its Dunghill data leak site on the dark web, Dark Angels purports to be “a global team of technical experts conducting research in the field of cybersecurity” that’s “unbiased in politics, which is why we don’t collaborate with governments and law enforcement agencies.”
While masquerading as cybersecurity experts, Dark Angels allegedly generates revenue by extorting corporations, threatening to publicly disclose their sensitive information unless a ransom is paid in full.
After breaching the security perimeter of a target organization, the attackers may choose to encrypt sensitive data before proceeding to exfiltrate large volumes of information over an extended period.
Up to 100 terabytes of data may be compromised within major corporations that have fallen victim to the group’s attacks.
In September 2023, a high-profile cyberattack perpetrated by Dark Angels forced a multinational conglomerate to shut down its IT infrastructure, after the attackers encrypted the organization’s VMware ESXi virtual machines and allegedly exfiltrated over 27 terabytes of sensitive company data.
According to sources, Dark Angels allegedly demanded a $51 million ransom payment from Johnson Controls in exchange for a decryption tool and the deletion of the stolen data. According to a subsequent SEC filing, the corporation disclosed that the costs incurred from investigating and rectifying the incident, coupled with revenue losses resulting from business disruptions, had.
As organizations grapple with the staggering news of a record-breaking $75 million ransom demand, many are left wondering: what would we do if faced with such an ultimatum?
Although it’s more likely that a company will find it easier to decide whether to pay tens of millions of dollars to a ransomware gang versus just $10,000, the same fundamental questions still apply.
It’s widely acknowledged that organizations that pay ransoms may inadvertently encourage cybercriminals to target other victims in the future – perhaps, more ominously.
At the same time, your business may feel compelled to make the difficult decision to pay. Regardless of the circumstances, a misguided decision could imperil the survival of the entire business, jeopardizing the well-being of your employees and their families, as well as that of your business partners and customers.
Whatever you decide, it’s crucial to report incidents to regulatory enforcement agencies and collaborate with them to identify potential perpetrators.
Paying a ransom does not guarantee that the vulnerability exploited by the attackers to gain access to your system has been remedied. Unless you identify the root cause of the issue and rectify it, you risk falling prey to subsequent ransomware attacks in the future.