Austria: Company Pays 4 Million Euros Ransom due to Ransomware Attack

Cybercriminals target companies of all sizes, not just big corporations. According to a survey conducted among 500 small and medium-sized enterprises (SMEs) by the German Road Safety Board (Kuratorium für Verkehrssicherheit), 80 percent of companies have, in recent years, been affected by cyber attacks. The sums of incurred damages range widely, though most lie between 130 and 10,000 euros. Some SMEs reported losses of up to 150,000 euros.

According to the Austrian Federal Criminal Police Office, one of the largest enterprises of the country has recently been struck – and badly so. To get all IT systems back up and running, the company paid the blackmailers 4 million Euros in Bitcoin; but the perpetrators remain unknown.
Unfortunately, this is no isolated case. Cybercrimes are on the rise. In 2018, the Austrian police received almost 20,000 reports related to cybercrime, which is almost 17 percent (or around 10 reports per day) more than the year before. The dark figure is assumed to be much higher because many cases are not reported at all.

Criminal motives vary. The purpose of an attack may simply be to destroy systems, or there could be financial reasons involved – in which case a ransom could be demanded.

In both cases, financial losses will be the consequence. Globally, the damages caused by cybercrime are estimated to an incredible 600 billion US dollars. This is equivalent to about one and a half times Austria’s yearly gross domestic product (GDP).

Back to Austria. According to insurance group Allianz, approximately one in five companies today has taken out cyber insurance. A good solution, though not perfect. Because, as we recently discussed in another blog post, not all damages will be covered. The Austrian Federal Economic Chamber has set up a hotline dedicated specifically to affected companies: In the event of an attack, members of the Austrian Federal Economic Chamber can call +43 800 888 133.

The reasons for why a company may make a desirable target for cyber attacks is well known and it is precisely here where companies need to cut in:

1. Update or upgrade outdated systems.
2. Backup files.
3. Create awareness among employees regarding potential cyber attacks.

Obviously, you can and should take further actions to protect your data, for instance by setting up a modern identity and access management system. Keep in mind that, besides the stipulations of the GDPR, cybercrimes, too, are valid reasons to ensure that only those people are given access to sensitive company information who actually need it to carry out their respective duties in the company.

Sources:

The Evil Internet Minute 2019
CYBERCRIME TACTICS AND TECHNIQUES:Ransomware Retrospective
Ransomware. The new threat to business uptime.
Report: 2019 Phishing By Industry Benchmarking