Back to Ransomware


US travel firm pays $4.5 million Bitcoin ransom

In August 2020, CWT, one of the biggest business travel management firms in the US, was reported to have paid $4.5 million Bitcoin as ransom to a hacker group. The threat actors accessed the company’s systems and stole two terabytes of sensitive corporate information including financial reports, security documents, and employees' email addresses and salary information. The attack rendered 30,000 computers offline.

The attackers used a strain of ransomware virus called Ragnar Locker to infect the systems, which was injected via a phishing email. The attack was investigated and the negotiations with the hacker group were carried out with the help of a third-party cybersecurity firm. According to Reuters, the hackers initially demanded a ransom of $10 million and, citing pandemic-related losses as the reason, the firm agreed to $4.5 million as payment instead. There has been no evidence that customers’ travel details were compromised in the attack. Law enforcement authorities in the US and Europe have been notified.

Ransomware attacks can be costly. Invest in a tool like ManageEngine DataSecurity Plus to secure data and mitigate ransomware attacks. Download a free, 30-day trial of DataSecurity Plus today.

How ManageEngine can help.

Investing in a ransomware detection tool helps you detect and respond to ransomware attacks in real time to minimize the impact on your organization. Here are some best practices DataSecurity Plus can help you implement to handle ransomware attacks.

  • Detect ransomware with real-time mass access alerts. Monitor the frequency of file modifications by a user, and issue alerts whenever the number of modifications crosses a threshold within a specified time.
  • Quarantine ransomware and shut down infected devices with a customizable and automated response system. Set automated alert responses through the execution of a batch file to respond to mass access alerts.
  • View in-depth details of events for further investigation. Generate customizable, audit-ready reports on all file-related changes, access attempts, and share permissions.

Learn more about the eight best practices that can help you avoid cyberattacks and protect your organization. Start your free, 30-day trial of DataSecurity Plus today.

© 2022 Zoho Corporation Pvt. Ltd. All rights reserved.


Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.