Company Was Victimized By Ransomware But Didn’t Have To Pay

Victims of ransomware often pay up because they don’t think they have a choice, but an article in ZDNet describes how a company in Australia recovered its network without paying hackers a penny. Langs Building Supplies, Brisbane, was the victim of Lorenz ransomware. The cyber criminals had encrypted multiple servers and thousands of files. The company was targeted because the Queensland government was operating a plan to keep the trade and construction industries in business while Australia was still facing lockdown because of Covid. If a key building supplier like Langs was out of business for an extended period of time it would have affected the entire regional construction industry. The gang demanded $15 million in Bitcoin in exchange for the decryption key, and threatened to leak the stolen information if the ransom wasn’t paid. However, Langs had recovery software that analyzes what data had been encrypted or modified. That enabled them to restore the network from backups separate from the rest of the network. The process took a few hours, and there was minimal disruption to services. In the article, Langs’ CIO explains that protecting backups is key, and uses the incident to examine how cyberscurity at Langs could be improved.