Midwest Manufacturer Pays Hackers $150,000 Bitcoin Ransom Payment

It was 10:30 pm on a Saturday evening when the CFO received a phone call from an employee who had opened an email and received the following message on the lock screen. We have your systems under control and demand $400K. Please contact us and there was a number. The CFO exclaimed, “Excuse me, what? We’re under attack, what are you talking about?”

Their IT company was notified and confirmed that the ransomware was real. Having to acknowledge that they could not recover, the IT company instructed the CFO to call his insurance company. The CFO contracted a third‐party to negotiate the bitcoin ransom payment. Painfully, the ransom paid was $150,000.

The CFO explained, “Wow, we are totally reliant on our systems. You find out very quickly that 25 men and women out in the plant that are used to being very good at their jobs are held, with no ability to do their jobs because they don’t even remember how to do it without that computer. This isn’t a matter of do we pay them? It’s a matter of how do we pay them? Because if we don’t pay them, we don’t have a way out of this, and business just stops, so it’s quite a scary situation.”

Source of Executive Loss Summary: Certitude Security Certitude Security helps manufacturers avoid business disruption and financial losses caused by cyber threat exposure to criminal enterprises and nation-states.

  1. I would rather shut down than pay a ransom demand. Take the insurance money and start over.

  2. Fire your IT group or person.

Leave a Reply