US PAYROLL PROVIDER GIVES IN TO RANSOMWARE DEMAND BUT GETS FAULTY DECRYPTION KEY

On 23rd February, the Krebbs on Security blog carried a post about the experience of Apex Human Capital Management, which chose to pay the ransom demand and begin the process of restoring service to customers when it had its systems restored.  The company took all of its systems offline, and began notifying customers that it was trying to remediate a security threat.  Outside security advisers agreed was that paying the ransom was the fastest way to get back online; but the company declined to specify how much was paid or what strain of ransomware was responsible for the attack.  However, instead of restoring all files and folders to their pre-encrypted state, the decryption process broke countless file directories and rendered many executable files inoperable.  The post also includes a few tips for preventing and dealing with ransomware attacks.

https://krebsonsecurity.com/2019/02/payroll-provider-gives-extortionists-a-payday/

Author: raytodd2017

Chartered Legal Executive and former senior manager with Isle of Man Customs and Excise, where I was (amongst other things) Sanctions Officer (for UN/EU sanctions), Export Licensing Officer and Manager of the Legal-Library & Collectorate Support Section

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s