We are quite used to seeing hackers use ransomware apps to trick unsuspecting users into paying ransoms. But in Thailand, instead of targeting ordinary users, hackers targeted the big fish in business. By big fish, we mean influential companies in the country, and the worst part is that they could not even lodge an official complaint for fear of their reputation being hurt.
A classic Ransomware attack
Hackers usually infect their targets through illegal software, a fake Wi-Fi hotspot set up by the hacker to spread malware, or sometimes even free software that has been infected with malware. Pol Maj Pathompong Silapasuk, a police inspector with the TCSD’s sub-division 1, said:
- “When ransomware is installed on the targeted computer network, the entire system is frozen. That is when the hacker usually contacts the administrator and demands a ransom payment.”
This is exactly what happened to Thai companies that were forced to pay ransoms to cyber criminals, according to the Bangkok Post.
Usually, victims ask the police for help, but here the companies chose to remain silent, and some of them even paid a hefty ransom to get their systems and data back. In fact, the longer a company took, the higher the ransom became. This was the scheme used by the hackers, and the companies had no other choice but to pay them.
At this point, the names of the affected companies have not been disclosed. However, we will update this article as soon as we get the list.
Why were the police not involved?
There were several reasons for that. First and foremost, the companies did not want to risk losing their reputation in the market and with their partners. Another reason was that the affected companies believed the police might not be able to resolve the issue in time, and the data on the affected devices was too precious for the firms to lose.
The role of Bitcoin
Bitcoin is well known these days, not only among the general public but also in the world of hackers. The hackers demanded that their targets pay the ransom in Bitcoin. The reason, of course, was that it is almost impossible to track a Bitcoin transaction.
Cyber security firms usually maintain that they can handle the cybercriminals behind ransomware and that paying the ransom is not a smart thing to do. But one of the affected companies lost more than 1 million baht (USD 28,876) just because it chose to hire a security firm instead of paying the ransom.
Mr. Somsak, CEO of Design Alternative Co, was affected by the incident and, instead of paying the ransom, chose to hire a German security firm to deal with the matter. This is what he had to say:
- “That cost me more than 1 million baht [in the total loss], which was more than the initial ransom they demanded I pay. And if I had paid it right away, I would not have faced this much loss.”
While we agree that paying a ransom only encourages cyber criminals, sometimes it is the smart thing to do. Alternatively, if your device is infected with ransomware, go to the ‘No More Ransom’ anti-ransomware portal, backed by cyber security giants and Europol, who decrypt users’ devices from ransomware infection for free.