Hackers Stage A Data Auction After Company Refuses To Pay Ransom

The ransomware enterprise REvil has conducted its first ever online auction of stolen data, according to a report in Krebs on Security. The starting price was $50,000, and on the block were some 22,000 files and three data bases stolen from a Canadian company that had balked at paying a ransom. The auction may be just another ploy for extortionists trying to extract revenue, basically a variation on a kind of double-barreled demand already being made by some hackers: one payment to unlock your system and another to keep the stolen data from being made public. But at last one cyber expert, quoted in the Krebs piece, says it could also be a sign of stress in the online extortion business, a reflection of the general economic downturn. “The problem is a lot of victim companies just don’t have the money [to pay ransom demands] right now,” he said. Krebs concludes with some advice on how to reduce the chances of being victimized by a ransomware attack. With regard to the importance of maintaining backups, he explains an important distinction that must be understood in order to insure that the backups themselves, as well as the main storage, don’t get locked up.