For C-suite executives and security leaders, learning that your organisation has been infiltrated by network attackers, critical systems have been locked down, and data has been compromised, followed by a ransom demand, could be the worst day of their professional life.
But, as some executives recently discovered who had contracted the Hazard ransomware, things can go far worse. The decryptor that was provided in exchange for paying the ransom to unlock the encrypted files did not function.
Security researchers did not talk to the victim organization in this case – its executives declined to be interviewed about their experience – hence the specifics remain unknown.
Still, researchers believe that deciding that paying the criminals was the best way out of the scenario – for concerns regarding customer and employee data privacy, to bring business operations back online, to minimise reputational damage, or simply because there were no backups (oops) – was a painful decision in and of itself. But what if you pay the extortionists and still are unable to recover the files? That’s excruciating.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: